Ransomware: payload claims ENB Versicherungen | myenb.ch (CH) — Financial Services

On June 20, 2026, a ransomware group published a claim on the ransomware.live extortion site, alleging a data breach at ENB Versicherungen, a Swiss insurance entity operating under the myenb.ch domain. The claim, categorized under the BREACH framework, indicates that threat actors have exfiltrated data from the organization and are likely demanding payment to prevent its release. This publication serves as a public disclosure of the incident, which may trigger regulatory notification obligations under Swiss data protection law and the EU General Data Protection Regulation if EU residents’ data is involved.

The primary affected organization is ENB Versicherungen, a financial services firm in the insurance sector based in Switzerland. However, the incident may also impact its policyholders, business partners, and any third parties whose personal or financial data was compromised. Given the nature of the insurance sector, sensitive data such as health records, payment details, and identification documents could be at risk, potentially affecting individuals across Switzerland and the broader European Economic Area.

Compliance teams should immediately verify whether their organization has any data-sharing agreements or service relationships with ENB Versicherungen. If so, they must assess the potential exposure of their own data and begin incident response procedures, including notifying relevant data protection authorities within 72 hours if a personal data breach is confirmed. Teams should also review their own ransomware preparedness, ensure backups are isolated and tested, and update business continuity plans to account for supply chain risks from this incident.