-
The Everest ransomware group says it stole 186GB of Bolttech, a global insurance technology company, data, including customer info, policy details, and employee files.
-
The Russian hackers posted samples on the dark web with a countdown. If they don’t get paid, they plan to leak everything.
-
This leak could cause phishing, identity theft, fake claims, and doxxing if the data is misused.
Bolttech, one of the big names in insurance tech, just got hit by a serious data breach. A well-known hacker group says they’ve grabbed a huge trove of the company’s sensitive data.
Now they’re demanding money and threatening to leak everything if Bolttech doesn’t pay up. They’ve set a deadline for ransom payment, or else the files go public.
Details of the Breach and Stolen Data
A hacking group called Everest Ransomware posted on a dark web leak site claiming it stole 186GB of data from Bolttech, a big insurance company.
Bolttech is like a digital bridge in the insurance world. They connect insurance carriers, brokers, and tech companies, and their platform processes more than $5 billion in insurance premiums annually.
According to their own dark web post, it’s a treasure trove of personal and corporate information. The gang claims to have employee and agent account details like emails, names, and job roles.
They also say they have customer contact information, detailed policy data, and even mortgage-related records. The list goes on to include phone numbers, insured property addresses, and internal company identifiers.
To make their threat real, Everest posted photo samples of the stolen data. They’ve set up a public countdown timer on their leak site. The message is clear: pay up, or we dump everything online later this week.
About Everest and Its Hacking Spree
It is believed that the Everest Ransomware group has ties to Russia. They first emerged sometime in 2021 and got really famous after hitting AT&T in October 2022. They had claimed to have accessed the company’s entire network at the time.
Since then, they’ve been incredibly busy and have caused a lot of damage. In fact, according to reports, Everest has victimized over 100 organizations in just the past year. That makes them one of the most active and dangerous cybercrime cartels operating today.
They’ve gone after some massive targets recently. These include Brazilian petroleum giant Petrobras and the global sportswear brand Under Armour. They clearly go for big names that can afford to pay large ransoms.
The Real-World Risks for People
Security researchers at Cybernews looked into this claim, and the risks are serious for real people. One such possibility is that bad actors use people’s details to carry out targeted phishing attacks. You could get an email claiming to be from your insurance service provider.
The email knows your name, your policy number, and even the address of the property you insured, making it seem pretty convincing and legit. That’s why personal information from leaks is a goldmine for hackers.
Researchers also warned about identity profiling. Criminals could build detailed profiles on individuals using this combined data. They could also use the stolen policy identifiers to file fraudulent insurance claims with customer support teams.
A big unanswered question is whether full home addresses are in the stolen database. If they are, the research team said the risk of doxxing becomes even greater. That’s when someone’s private address or information is published online with malicious intent.
Bolttech’s Position and Next Steps
Where does this leave Bolttech? The Singapore-based company is a major player. They just closed a $147 million funding round this past summer. That round valued the company at a whopping $2.1 billion.
They generate approximately $1.6 billion in annual revenue. This breach hits them at a time of significant growth and prominence in the insurtech sector.
As of now, Bolttech has yet to give any official statement regarding the breach claims. But the big question now is what Bolttech will do. Will they negotiate with the hackers? Will they refuse to pay and hope to mitigate the damage of a public leak, or will there be a timely intervention from the authorities?
Bolttech customers, employees, or partners need to be extra vigilant. Watch for any suspicious communications. The coming days will reveal whether this data remains locked away or spills out onto the dark web for anyone to access.
