Cyber Incident Victim: Oman United Insurance Co SAOG

On January 1, 2020, Oman United Insurance Co SAOG, one of Oman's largest insurance providers, experienced a ransomware attack targeting its data center infrastructure. The intrusion disrupted normal operations and resulted in confirmed data loss spanning from December 10, 2019, through the attack date. The company formally disclosed the incident to Oman's Capital Market Authority (CMO) in a regulatory filing made public on Thursday, January 16, 2020, though the breach announcement reached broader public awareness through media reports by January 19. While the attackers deployed ransomware to encrypt systems, the company's disclosure explicitly confirmed permanent data destruction affecting records created during the 23-day window preceding the attack. No operational timeframe for full system restoration was specified in public statements, nor did the company identify whether customer data, corporate records, or both were primarily impacted by the data loss.

The organization's disclosure emphasized that the ransomware incident would not materially affect its financial performance, asserting no direct monetary losses from either the attack itself or subsequent remediation efforts. Technical specifics regarding attack vectors, ransomware variant identification, payment demands, or data recovery methods remained undisclosed in public filings and media reports. Oman United Insurance did not reference law enforcement involvement, third-party forensic investigations, or customer notification procedures in its limited public statements. The absence of disclosed operational disruptions beyond data loss suggests core insurance services continued functioning through alternate means during recovery. Final regulatory consequences or long-term reputational impacts were not quantified in available reporting.