Asefa, the Spanish subsidiary of France’s SMABPT, was posted on a dark web forum used by the Qilin ransomware cartel. Among the leaked data is an insurance plan for the reconstruction of FC Barcelona’s Camp Nou stadium.
-
Qilin ransomware gang claims to have stolen 210GB of data from Spanish insurer Asefa.
-
The leaked data reportedly contains sensitive documents like passports, internal agreements, and legal documents.
-
Note on Asefa's website indicates the company is dealing with a cyberattack.
The Qilin ransomware gang added Asefa to its dark web leak site early this week, claiming it took a staggering 210 gigabytes from the Spanish insurer.
Meanwhile, Asefa acknowledged that it was dealing with a cyberattack. While it’s unclear if the two are related, the company’s website has displayed a notice announcing an intrusion since early June.
“We want to sincerely thank you for the patience, understanding, and trust you have shown us during these difficult days following the cyberattack that has affected part of our systems,” reads Asefa’s note.
At the same time, the company added that its “core business” has not been affected by the attack and the company remains operational. Staff access to corporate emails has also been restored, Asefa informed.
“However, access to our website will remain temporarily closed until we can ensure that all tools and features are fully secure and operational,” the note said.
Meanwhile, the Cybernews research team investigated several data samples. According to our researchers, the supposedly stolen data includes internal company documents, passports, receipts, and legal agreements. One sample, which stands out due to being a very well-known sports brand, is supposedly an insurance program for the Catalan football club FC Barcelona’s stadium, the Camp Nou.
“Exposed sensitive documents, like passports and internal agreements, pose serious risks of identity theft or fraud and possibly corporate espionage – especially alarming is the leaked FC Barcelona insurance schedule, which could expose financial or operational vulnerabilities of a very high-profile client,” researchers said.
Asefa is owned by SMABTP, a major French insurance group, that reported revenues exceeding $4.6 billion, as per the company’s latest report.
The culprit behind the attack, Qilin ransomware, has been steadily growing its influence this year. While the gang has been operating since 2022, it ramped up the volume of attacks in 2025, targeting 68 entities in April alone.
For example, Qilin made headlines earlier this year after taking on SK Group, a global energy and manufacturing giant. According to Cybernews’ dark web monitoring tool, Ransomlooker, the gang has victimized at least 344 companies over the last 12 months.
Your email address will not be published. Required fields are markedmarked