The Medusa ransomware group has allegedly added Aldagi, a prominent Georgian insurance company, to its data leak site. The threat actors claim to have exfiltrated 300.8 GB of sensitive data and have published screenshots as proof of the breach. A countdown timer on the group’s blog suggests the data will be publicly released unless a ransom is paid.
Established in 1990 and headquartered in Tbilisi, Georgia, Aldagi is one of the country’s first and most important insurance companies. It provides a vast range of over 80 insurance products and is a key player in the regional market, being the first in the Caucasus to also operate in reinsurance. The company’s partnerships with global leaders like Swiss Re and Lloyd’s underscore its significance, making this alleged security incident a serious concern for its clients and partners.
The sample data shared by the Medusa group indicates that the breach involves a wide variety of confidential information. The allegedly stolen files include:
- Personal identification documents, including passports
- Financial spreadsheets and client transaction details
- Internal corporate documents
- Customer policy information
