Claims administration and threat administration firm Sedgwick has confirmed that its federal contractor subsidiary, Sedgwick Authorities Options, was the sufferer of a security breach.
Sedgwick additionally employs over 33,000 individuals and serves 10,000 purchasers throughout 80 international locations, together with 59% of the Fortune 500, and its subsidiary serves over 20+ authorities company purchasers.
The listing of federal businesses utilizing Sedgwick Authorities Options’s companies consists of the Cybersecurity and Infrastructure Safety Company (CISA), the Division of Commerce, the US Citizenship and Immigration Providers (USCIS), the US Coast Guard, the Division of Homeland Safety (DHS), the U.S. Division of Labor, the Customs and Border Safety (CBP), and the U.S. Coast Guard.
A Sedgwick spokesperson advised BleepingComputer that the corporate is at present investigating a security breach that impacted its subsidiary, including that the guardian firm’s community was not affected.
Sedgwick has additionally notified legislation enforcement and has employed outdoors cybersecurity consultants to research the impression of the breach.
“Sedgwick is addressing a security incident at considered one of its subsidiaries, Sedgwick Authorities Options. Following the detection of the incident, we initiated our incident response protocols and engaged exterior cybersecurity consultants via outdoors counsel to help with our investigation of the affected remoted file switch system,” the spokesperson stated.
“Importantly, Sedgwick Authorities Options is segmented from the remainder of our enterprise, and no wider Sedgwick techniques or information had been affected. Additional, there is no such thing as a proof of entry to claims administration servers nor any impression on Sedgwick Authorities Options potential to proceed serving its purchasers. We now have notified legislation enforcement and stay in touch with our purchasers as we conduct our investigation.”
Whereas the corporate did not attribute the assault to a particular risk group, the assertion confirms the TridentLocker ransomware group’s claims that they breached the corporate.
The risk actors say they’ve stolen 3.39 GB of paperwork and, since taking duty for the assault, they’ve additionally revealed a number of the allegedly stolen information on their Tor information leak web site.
TridentLocker ransomware first surfaced in November and is at present itemizing a dozen victims on its leak website, together with Bpost (Belgian Publish Group), the corporate that delivers mail in Belgium and one of many largest civilian employers within the nation.
Bpost confirmed its community was breached on December third however stated its operations weren’t affected by the TridentLocker ransomware assault.
It is finances season! Over 300 CISOs and security leaders have shared how they’re planning, spending, and prioritizing for the yr forward. This report compiles their insights, permitting readers to benchmark methods, establish rising tendencies, and evaluate their priorities as they head into 2026.
Learn the way high leaders are turning funding into measurable impression.
