Cyber Incident Victim: Degenia Versicherungsdienst
Date:
Oct 2023
Location:
Germany
Summary
A cyberattack targeted Degenia Versicherungsdienst, prompting the company to temporarily disconnect its IT infrastructure to contain the incident. The insurer notified customers through its website homepage and a special newsletter, though no specific details regarding the attackās nature or potential damages were disclosed. Authorities were engaged to investigate and minimize disruptions, with leadership expressing confidence in restoring normal operations swiftly. Customer inquiries were redirected to a dedicated email address during the outage. The incident followed a similar attack on another insurer months earlier.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around October 1, 2023, Degenia Versicherungsdienst AG experienced a cyberattack that disrupted its operations. The Bad Kreuznach-based insurance intermediary responded by temporarily disconnecting its IT infrastructure from the internet to contain the incident. The company notified stakeholders through multiple channels, including a prominent notice on its website homepage and a special bulletin distributed to newsletter subscribers. This incident followed another notable cyberattack against Saarland Versicherung in July 2023, marking continued targeting of insurance sector entities. As of October 4, Degenia had not released specific details regarding the attack methodology, scope of compromise, or confirmed damages. The company's communications channels remained limited during this period, with no representatives available for direct commentary three days post-incident.
Degenia initiated collaboration with relevant law enforcement authorities to investigate the breach, quantify damages, and minimize operational disruptions. Executive Board Member Halime Koppius publicly acknowledged the severity of the situation while expressing confidence in the organization's ability to implement corrective measures. The company established a dedicated email address ([email protected]) as the primary contact point for stakeholder inquiries related to the incident. Internal recovery efforts focused on restoring normal business operations, though no specific timeline for full system restoration was provided. The attack caused measurable operational impairment, necessitating continued offline containment measures during the initial investigation phase.