Cyber Incident Victim: Generali Tranquilidade
Date:
Jun 2025
Location:
Portugal
Summary
Generali Tranquilidade disclosed that an unauthorized access exposed customers' personal data including names, tax identification numbers, contact details and dates of birth, while confirming that no financial, health, password or other sensitive information was compromised. The insurer said it detected the breach, promptly notified affected clients, activated its contingency plan and alerted the relevant authorities, which allowed the incident to be contained and its impact limited. Customers were informed that no immediate action was required and that the company warned of possible phishing attempts using the exposed data.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Friday, June 20, 2025, Generali Tranquilidade was identified as the target of a cyberattack that resulted in unauthorized access to certain customer data. The company detected the breach and subsequently confirmed the incident through an internal review. An official source at Generali Tranquilidade confirmed to ECO that the attack occurred on that specific Friday. The company’s detection triggered the initiation of its response procedures.
The unauthorized access involved personal data fields such as customers’ names, tax identification numbers, contact information, and dates of birth. Generali Tranquilidade explicitly stated that there was no indication that financial data, health data, passwords, or any other sensitive information had been accessed. The company further clarified that no personal documents, access credentials, or any other categories of data beyond the identified identification and contact details were compromised. This clarification was included in the message sent to affected customers.
Upon confirming the breach, Generali Tranquilidade immediately notified the relevant competent authorities about the incident. The company also activated its predefined contingency plan without delay. The activation of the contingency plan enabled the organization to contain the cyberattack on the same day it occurred. By containing the incident promptly, Generali Tranquilidade was able to limit the overall impact of the attack significantly.
In the communication sent to the impacted customers, Generali Tranquilidade reiterated that the accessed data were limited to identification and contact information and that no financial, health, or credential data had been compromised. The message advised recipients to pay particular attention to any emails or messages that might appear suspicious and could be attempts at phishing using the exposed personal data. The company told customers that no immediate action was required on their part as a result of the breach. Generali Tranquilidade also noted that the swift activation of its contingency plan had minimized the impact and allowed the event to be considered controlled. The company concluded its communication by confirming that the incident had been managed and that further updates would be provided if necessary.