On 18 July 2026, a ransomware group known as "nova" claimed responsibility for an attack on FMZ Tecnologia em Sistemas, a Brazilian technology firm. The claim was published on the ransomware.live…
Ransomware: krybit claims euroins.bg (BG) — Financial Services
BREACH. Sourced from ransomwarelive, summarised by Matproof.
AI Analysis
What changed and what to do.
On 18 July 2026, a ransomware group known as Krybit claimed responsibility for a cyberattack against Euroins Bulgaria, a major non-life insurer operating in the financial services sector. The claim was published on the ransomware.live leak site, indicating that sensitive corporate or customer data may have been exfiltrated. This incident falls under the BREACH notification framework, which typically requires mandatory reporting to regulators and affected parties under EU data protection and digital operational resilience rules.
The primary affected organization is Euroins Bulgaria, but the breach has broader implications for the entire financial services sector in the EU, particularly insurers and intermediaries handling personal and financial data. Regulators such as the Bulgarian Data Protection Commission and the European Banking Authority may initiate investigations. Customers, business partners, and any third-party vendors connected to Euroins could also face indirect exposure.
Compliance teams should immediately verify whether their organization has any data-sharing or service agreements with Euroins Bulgaria. They must assess if any personal or financial data has been compromised and prepare breach notifications under GDPR and the Digital Operational Resilience Act (DORA) within the required 72-hour window. Teams should also review their own ransomware response plans, ensure offline backups are intact, and monitor for any leaked data that could indicate a wider supply chain risk.
This summary is AI-generated for orientation purposes. For regulatory action, always consult the original source linked above.
More BREACH updates
Latest in BREACH.
As a senior EU regulatory compliance analyst, I summarize the following regulatory-relevant event: On 18 July 2026, the ransomware group Qilin publicly claimed responsibility for a cyberattack…
On 18 July 2026, a ransomware group known as Qilin publicly claimed responsibility for a cyberattack against Salina Supply, a US-based business services firm. The incident was published on the…
On 18 July 2026, a ransomware group known as Qilin publicly claimed responsibility for a cyberattack against St. Martha Catholic Church in the United States, a consumer-facing religious organization.…
Map this to your controls
Connect regulatory changes to your compliance work.
Matproof maps every regulator update directly to your controls and surfaces the ones that affect your organisation — across 21 frameworks.