Qilin ransomware gang hits spanish insurer Asefa, exposing FC Barcelona stadium plans
Learn More
The Qilin ransomware group claims a breach of Asefa, the Spanish subsidiary of major French insurance firm SMABTP.
Asefa acknowledged the cyberattack. The insurer claims that while certain systems were disrupted, its core business operations are not affected and the company continues to operate normally. Staff access to corporate email systems has been restored, but the company's website remains temporarily closed as a precautionary measure until all tools and features can be verified as fully secure.
The hackers claim to have stolen 210 gigabytes of sensitive data from the organization. The cyberattack has confidential information, including internal corporate documents and notably, insurance plans for the reconstruction of FC Barcelona's iconic Camp Nou stadium.
Exposed data types include:
- Internal corporate files and documents
- Business receipts and financial records
- Legal agreements and contracts
- Employee and client passports
- Insurance plans for FC Barcelona's Camp Nou stadium reconstruction
The number of affected individuals has not been disclosed.
The breach has raised significant security concerns, particularly regarding the exposure of FC Barcelona's insurance documentation. Cybersecurity researchers noted that "exposed sensitive documents, like passports and internal agreements, pose serious risks of identity theft or fraud and possibly corporate espionage – especially alarming is the leaked FC Barcelona insurance schedule, which could expose financial or operational vulnerabilities of a very high-profile client".
