blackbasta attacks Basler Versicherungen

Incident Date:

April 26, 2022

World map



blackbasta attacks Basler Versicherungen


Basler Versicherungen




Frankenstraße, Germany

numberg, Germany

First Reported

April 26, 2022

Basler Versicherungen Targeted by Blackbasta Ransomware Group

Company Overview

Basler Versicherungen, a prominent entity in the field of Vision Technology, specializes in machine vision components for various sectors including industrial mass production, medicine & life sciences, and traffic control and logistics. Founded in 1988 by Norbert Basler, the company has grown to employ approximately 850 individuals across its global locations in Ahrensburg, the USA, Singapore, Taiwan, Korea, China, and Japan.

Vulnerabilities and Impact

The recent ransomware attack by the Blackbasta group marks another significant cybersecurity challenge for Basler Versicherungen. This follows a November 2021 cyber attack that led to a complete shutdown of its IT systems, significantly disrupting business operations. In response to these threats, the company has adopted a cybersecurity insurance policy to mitigate potential damages from such incidents. The full extent of the Blackbasta ransomware attack's impact remains uncertain. However, Basler Versicherungen has established a dedicated task force comprising both internal and external IT and forensic experts to thoroughly investigate the breach. Additionally, law enforcement agencies have been engaged, and a criminal complaint has been lodged.

Industry Vulnerabilities

The insurance sector is increasingly becoming a target for cybercriminals, with common threats including phishing, malware (notably ransomware), data exfiltration, and denial of service attacks. These incidents primarily aim to achieve financial gain, cause operational disruption, or conduct espionage.

The Blackbasta ransomware attack on Basler Versicherungen underscores the persistent cyber threats facing the insurance industry. It is imperative for companies within this sector to maintain high levels of vigilance and adopt comprehensive cybersecurity strategies to safeguard against such risks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.