Xchanging

Xchanging, which also operates under the alias Xchanging, is a subsidiary that forms part of a larger global information technology services provider and maintains its headquarters in the United States of America. The organisation’s primary line of business consists of delivering managed services to customers in the insurance sector, while it also extends comparable service offerings to clients operating in other industries. As a component of an international IT services group, it draws upon the parent company’s worldwide infrastructure, technical expertise, and operational scale to support its service delivery model. Its core responsibilities involve the ongoing oversight, maintenance, and management of client information technology environments, with the objective of ensuring service availability and performance. This positioning within a multinational provider enables Xchanging to leverage broad resource pools and specialised knowledge that are not typically available to standalone providers. The location of its headquarters in the United States places it within a significant market for both technology solutions and insurance-related services.

On July 6, 2020, Xchanging experienced a ransomware incident that targeted the systems of its subsidiary, affecting the operating environments of multiple clients across the insurance and other sectors it serves. The attack resulted in a denial of access to those client environments, prompting an immediate response effort. Investigators determined that the intrusion was confined to the subsidiary’s network and found no evidence of data compromise or loss during the initial assessment. Following containment, remediation activities were undertaken and succeeded in restoring services for nearly all of the affected customers. Throughout the response, Xchanging engaged with law enforcement agencies and relevant authorities, although the specific ransomware variant responsible for the attack was never identified and no threat actor claimed responsibility for the episode. The episode highlights the organisation’s role as a managed services provider whose client base spans numerous organisations and underscores the importance of robust incident containment and recovery procedures.