Liberty Mutual Insurance Co.: Liberty Mutual hit with lawsuit over Everest ransomware data leak

Liberty Mutual Faces Lawsuit Over Ransomware Attack Exposing Sensitive Customer Data

A proposed class-action lawsuit accuses Liberty Mutual Insurance Co. of failing to protect customer data following a ransomware attack linked to the cybercriminal group Everest. The breach, which occurred on April 30, allegedly exposed personally identifiable information (PII) and protected health data, including Social Security numbers, financial records, and medical information.

The Everest ransomware group claimed responsibility for the attack, posting Liberty Mutual’s name and logo on its dark web leak site and threatening to publish stolen records after ransom negotiations expired. Plaintiffs allege the insurer did not notify affected customers directly, leaving them unaware of their heightened risk of fraud and identity theft.

The lawsuit, filed on May 6 in the District of Massachusetts Eastern Division, names two Massachusetts residents Robert Francis and John Goodwin as lead plaintiffs. Francis reported receiving spam, scam, and phishing messages after the breach, forcing him to spend significant time monitoring his accounts. Goodwin experienced anxiety, sleep disruption, and emotional distress due to the exposure of his sensitive data.

Plaintiffs argue that Liberty Mutual failed to implement adequate cybersecurity measures, including proper encryption, and violated its own privacy policies. The complaint also warns that stolen data may already be circulating on the dark web, increasing long-term risks for affected individuals.

The lawsuit seeks damages and injunctive relief for a proposed nationwide class of victims. Liberty Mutual has not responded to requests for comment.

Source: https://insurancenewsnet.com/innarticle/liberty-mutual-hit-with-lawsuit-over-everest-ransomware-data-leak

Liberty Mutual Insurance cybersecurity rating report: https://www.rankiteo.com/company/liberty-mutual-insurance

"id": "LIB1779359744",
"linkid": "liberty-mutual-insurance",
"type": "Ransomware",
"date": "4/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Nationwide class of victims '
                                              '(exact number not specified)',
                        'industry': 'Insurance',
                        'location': 'United States',
                        'name': 'Liberty Mutual Insurance Co.',
                        'type': 'Insurance Company'}],
 'customer_advisories': 'No direct notification to affected customers',
 'data_breach': {'data_exfiltration': 'Yes (threatened to publish on dark web)',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally identifiable '
                                              'information (PII)',
                                              'Protected health data',
                                              'Social Security numbers',
                                              'Financial records',
                                              'Medical information']},
 'date_detected': '2024-04-30',
 'date_publicly_disclosed': '2024-05-06',
 'description': 'A proposed class-action lawsuit accuses Liberty Mutual '
                'Insurance Co. of failing to protect customer data following a '
                'ransomware attack linked to the cybercriminal group Everest. '
                'The breach exposed personally identifiable information (PII) '
                'and protected health data, including Social Security numbers, '
                'financial records, and medical information. The Everest '
                'ransomware group claimed responsibility and threatened to '
                'publish stolen records after ransom negotiations expired. '
                'Plaintiffs allege the insurer did not notify affected '
                'customers directly, leaving them at risk of fraud and '
                'identity theft.',
 'impact': {'brand_reputation_impact': 'Negative publicity, lawsuit, failure '
                                       'to notify customers directly',
            'customer_complaints': 'Spam, scam, and phishing messages; '
                                   'anxiety, sleep disruption, emotional '
                                   'distress',
            'data_compromised': 'Personally identifiable information (PII), '
                                'protected health data, Social Security '
                                'numbers, financial records, medical '
                                'information',
            'identity_theft_risk': 'High',
            'legal_liabilities': 'Class-action lawsuit, potential regulatory '
                                 'fines'},
 'initial_access_broker': {'data_sold_on_dark_web': 'Potential (data may '
                                                    'already be circulating)'},
 'motivation': 'Financial gain, data extortion',
 'post_incident_analysis': {'root_causes': 'Failure to implement adequate '
                                           'cybersecurity measures, including '
                                           'proper encryption; violation of '
                                           'privacy policies'},
 'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Everest'},
 'references': [{'source': 'Class-action lawsuit filing'}],
 'regulatory_compliance': {'legal_actions': 'Class-action lawsuit filed on May '
                                            '6, 2024'},
 'response': {'communication_strategy': 'No direct notification to affected '
                                        'customers'},
 'threat_actor': 'Everest ransomware group',
 'title': 'Liberty Mutual Faces Lawsuit Over Ransomware Attack Exposing '
          'Sensitive Customer Data',
 'type': 'Ransomware'}