Porto Seguro

Porto Seguro, one of Brazil’s largest insurance groups with approximately **10 million clients**, **13,000+ employees**, and **$5.1 billion in annual revenue**, suffered a **ransomware attack**. The company reported the incident to the **Securities and Exchange Commission (CVC)** but provided limited public details. While Porto Seguro stated that **no data leakage has been confirmed yet**, the long-term impact remains uncertain. The attack highlights the vulnerability of high-value financial institutions in Brazil and globally, many of which remain underprepared against evolving cyber threats. The incident underscores the critical need for robust cybersecurity measures, such as **behavioral analysis-based anti-malware solutions**, to prevent execution of ransomware before it inflicts damage. Given the scale of Porto Seguro’s operations, any disruption—even without immediate data loss—could pose **reputational risks**, **operational strain**, or **financial exposure** if systems were compromised or recovery efforts prolonged.

Source: https://www.acronis.com/en-gb/tru/posts/brazilian-insurance-giant-porto-seguro-hit-with-ransomware/

TPRM report: https://www.rankiteo.com/company/porto

"id": "por4102041102125",
"linkid": "porto",
"type": "Ransomware",
"date": "8/2025",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences: Attack in which data is not compromised"

{'affected_entities': [{'customers_affected': '10 million (potential exposure, '
                                              'no confirmed data leakage)',
                        'industry': 'Insurance',
                        'location': 'Brazil',
                        'name': 'Porto Seguro',
                        'size': 'Large (13,000+ employees, $5.1B annual '
                                'revenue)',
                        'type': 'Insurance Group'}],
 'data_breach': {'data_exfiltration': 'None identified (as per company '
                                      'statement)'},
 'description': "Porto Seguro, one of Brazil's largest insurance groups, has "
                'fallen victim to a ransomware attack. The company disclosed '
                'the attack to the Securities and Exchange Commission but '
                'provided limited public details. Porto Seguro states that no '
                'data leakage has been identified thus far. With around 10 '
                'million clients, over 13,000 employees, and an estimated '
                'annual revenue of $5.1 billion, Porto Seguro is a high-value '
                'target.',
 'impact': {'data_compromised': 'None identified (as per company statement)'},
 'investigation_status': 'Ongoing (no data leakage identified as of '
                         'disclosure)',
 'ransomware': {'data_exfiltration': 'None identified (as per company '
                                     'statement)'},
 'recommendations': 'Investment in cyber protection services (e.g., Acronis '
                    "Cyber Protect's advanced anti-malware with behavioral "
                    'analysis to block ransomware variants).',
 'references': [{'source': 'Acronis Cyber Protect (marketing context)'}],
 'regulatory_compliance': {'regulatory_notifications': 'Disclosed to '
                                                       'Securities and '
                                                       'Exchange Commission'},
 'response': {'communication_strategy': 'Disclosure to Securities and Exchange '
                                        'Commission'},
 'title': 'Ransomware Attack on Porto Seguro',
 'type': 'Ransomware Attack'}