Zurich Brazil Data Breach 2023.
The company was originally founded in Switzerland in 1872, with headquarters in the city of Zurich. They are one of the most experienced global insurers in the world. With approximately 56,000 employees, they offer a broad range of life and casualty products and services in more than 210 countries and territories.
They serve individuals and legal entities – from small companies to multinationals. They also claim to be among the most responsible and impactful companies in the world.
The Russian-linked CL0P ransomware gang exploited a “zero-day” or previously unknown vulnerability in MOVEit Transfer, a popular file-transfer service used by organizations around the world to move large amounts of often-sensitive data.
With a long list of victims, Zurich Brazil decided not to pay the ransom and as a result of this all stolen data was leaked on the open Internet via torrents.
Because the CLOP gang don't publish when the data was stolen or even when they published the data for anyone to download, it is difficult to know if this is a new leak from the MOVEit attacks, that began in May, 2023.
The torrents are still active, but only has 2 peers and no seeders, so nobody will be able to download the data. As for how many seeders / downloads before today's date is currently unknown.
It is possible the data will be sold or given away on the re-opened Black Hat community forum Breached.is.
Perhaps this is the same leak that was published on the original Breachforums and is listed on the new one:
In June 2021, the Insurance company Zurich suffered a data breach that impacted 4.2 million records. The leak led to the exposure of data including Full names, Phone numbers, Email addresses (Only 4190 total) and Physical addresses.