Cybernews reports that MetLife was claimed to have been compromised by the RansomHub ransomware-as-a-service operation, which alleged the theft of 1 TB of data from the major global insurance company's systems. The insurance company, however, denied that its systems were compromised, saying an Ecuador-based subsidiary was impacted by a "cyber incident."
Included in the exposed sample files, all of which are in Spanish, were a minutes log from Dec. 11 pertaining to internet issues impacting its Commercial Consulting customers, Investment, Treasury & Risk Committee notes from September, Executive Board meeting documents from July, financial and investment documents, and details regarding systems from Brazil, Chile, Columbia, and other countries.
Despite the nature of the leaked documents, MetLife denied any cyberattack against its Latin American division even if it acknowledged a breach of its Ecuador-based subsidiary's financial services firm Fondo Genesis. "Fondo Genesis operates separately from MetLife's enterprise systems. Therefore, the impact of this incident is limited only to Fondo Genesis," said the MetLife spokesperson.
Such a development comes after MetLife was reported by Hudson Rock to have a dataset with almost 600,000 records exposed as a result of the MOVEit hack. MetLife told SC Media in a Jan. 2 email that Fondo Genesis was never compromised via MOVEIt.
