Cyber Incident Victim: SVI Assurances

The Avaddon ransomware group targeted French insurance provider SVI Assurances in early February 2021, with public evidence of the attack emerging on February 5. Attackers claimed to have exploited system vulnerabilities to gain initial access before infiltrating networks and exfiltrating approximately 100GB of human resources data. Avaddon set a ransom deadline of February 7, threatening to publish the allegedly stolen information unless payment was made. The group characterized SVI as uncooperative and unaware of the incident's severity, stating the company had become "hostages of the situation." When contacted by journalists, SVI representatives denied experiencing any security breach or data theft, creating conflicting narratives about the attack's validity.

The incident carried significant reputational and operational risks for SVI due to the sensitive nature of HR data potentially exposed. Avaddon's threatened data leak could have impacted employee privacy and client trust if executed. The February 7 deadline created time pressure for response decisions, though no public confirmation exists regarding whether data was ultimately published. The attack occurred amid Avaddon's simultaneous targeting of Canadian cleaning firm Qualinet, suggesting a broader campaign pattern. Limited information exists regarding SVI's internal detection methods, containment procedures, or recovery actions beyond their initial denial of compromise. The discrepancy between attacker claims and corporate statements left the incident's full scope unverified in public reporting.