Popular Life Insurance hit by Sarcoma ransomware: 36GB of data at risk

Popular Life Insurance Co. Ltd., one of Bangladesh's leading public service companies, has fallen victim to a ransomware attack orchestrated by the emerging "Sarcoma" ransomware group. The attackers have issued a five-day ultimatum, threatening to expose sensitive data unless their demands are met. The exact ransom amount remains undisclosed.

The Bangladesh Cyber Security Intelligence (BCSI) threat intelligence team reports that approximately 36GB of data, including attachments and SQL files, has been stolen. Although the specifics of the stolen data are unclear, concerns have been raised over the possible exposure of Personally Identifiable Information (PII), which could lead to misuse and further complications for affected individuals, according to BCSI.

When contacted, a spokesperson from Popular Life Insurance said that they identified the attempt of an cyber attack on the night of October 23. "However, the attackers were unable to cross the firewall due to our security measures. No data was stolen from us. Still, we are increasing our security systems," said the spokesperson.

Sarcoma is known for its use of double-extortion tactics, simultaneously encrypting and stealing sensitive data to pressure victims into compliance. Since being identified on October 10, 2024, the group has already targeted 46 victims worldwide, placing it among the top 10 ransomware groups globally. Previous notable attacks include ADT Freight Services Australia Pty Ltd, further underscoring the group's focus on high-profile targets.