TridentLocker Ransomware claims attack on Sedgwick Government Solutions

Sedgwick reports a security breach at its subsidiary, Sedgwick Government Solutions, following claims by a ransomware group TridentLocker. 

The subsidiary provides risk management and claims services to several high-profile federal agencies and municipal offices across the United States. It handled sensitive data for the Department of Homeland Security (DHS) and CISA. Other affected clients include Immigration and Customs Enforcement (ICE), the Department of Labor, and the Smithsonian Institution. The company also manages claims for the Port Authority of New York and New Jersey and various state agencies.

The group claimed the breach on December 31, 2025, alleging they stole 3.4 gigabytes of data from a file transfer system used by the Sedgwick Government Solutions. 

The types of exposed data and number of affected individuals is not disclosed. Sedgwick notified law enforcement and is communicating directly with impacted customers. 

Sedgwick claims that his subsidiary operates on a network segmented from the rest of the company's business. The company hired outside cybersecurity experts and legal counsel to lead the forensic investigation. 

Apparently, Investigators found no evidence that the threat actors reached the primary claims management servers or impacted the company's ability to serve its clients.