Leadway Assurance Company Ltd. has allegedly fallen victim to a recent cyberattack, carried out by the ALPHV ransomware group. The group added the company to its victim list.
The attack allegedly resulted in the theft of sensitive data, including budgets, names, addresses, passports, and more. However, the Leadway Assurance Company data breach is yet to be confirmed.
Leadway Assurance Company data breach explained
As one of the leading insurance providers in Nigeria, Leadway Assurance Company Ltd. has a responsibility to safeguard the personal information of its customers. Unfortunately, the latest attack by ALPHV ransomware, if true, puts the company at a big risk.
A big part of the country relies on the company for their insurance needs, making the attack claim alarming for the citizens of Nigeria.
The Cyber Express team has reached out to Leadway Assurance Company but we haven’t received any response or official statement from the company.
However, if the data breach claim is true, then it puts immense pressure on the company as its one of the largest insurance providers in Nigeria and has financial details of thousands of individual in the country.
Leadway Assurance Company data breach and the rise of threat actors
The Leadway Assurance Company data breach is just tip of the iceberg because the ALPHV ransomware gang has claimed multiple victims since inception.
The group has targeted numerous organizations globally using the triple-extortion tactic through their ransomware-as-a-service (RaaS) threat.
ALPHV, also known as ALPHV-ng, BlackCat, and Noberus, was first observed in November 2021. Their approach is to steal sensitive data before encrypting it and then threatening to release it publicly if their demands are not met.
They go a step further than the typical double-extortion tactic by adding the threat of a distributed denial-of-service (DDoS) attack.
It appears that the ALPHV ransomware gang is experienced in this area, using big-game hunter tactics, techniques, and procedures (TTP) and demonstrating recent success.
These factors suggest that this group is likely made up of former ransomware group members, rather than newcomers.
Some members of cybercrime forums have even speculated that ALPHV could be a rebranding or evolution of BlackMatter, which is itself a successor of REvil and DarkSide.
The group is known to advertise on Russian-language cybercrime forums, offering affiliates up to 90% of any ransom collected as an incentive to join.