hiveleak attacks NSM Insurance Group

Incident Date:

March 18, 2022

World map



hiveleak attacks NSM Insurance Group


NSM Insurance Group




Conshohocken, USA

Philadelphia, USA

First Reported

March 18, 2022

NSM Insurance Group Suffers Ransomware Attack

NSM Insurance Group, a specialty insurance MGA, has recently fallen victim to a ransomware attack orchestrated by the group known as HiveLeak. This incident was disclosed on the group's dark web leak site, directly impacting NSM Insurance Group, which has been operational in the insurance sector for over 30 years. The company is recognized for its successful insurance programs, partnerships with A+ rated carriers, and a comprehensive range of specialty insurance offerings.

The firm's online presence showcases their proficiency in areas such as subrogation, workers' compensation, and professional liability. NSM Insurance Group's dedication to creating effective insurance solutions is evident through their high client retention rates, results-oriented approach, and the value placed on industry knowledge and client care.

This recent cyberattack highlights the escalating threat landscape within the insurance industry. Firms in this sector are becoming prime targets for cybercriminals due to the wealth of sensitive data they manage, which includes medical, corporate, and personal information. The attack on NSM Insurance Group is indicative of a broader pattern of increased ransomware activity targeting insurance entities, with numerous significant incidents emerging in 2023.

While specific details regarding the ransom demand and the scope of the data compromise remain undisclosed, this event emphasizes the critical need for stringent cybersecurity defenses within the insurance sector. As these companies continue to embrace digital transformation and broaden their service offerings, the implementation of comprehensive cybersecurity strategies is paramount.


  • NSM Insurance Group: Specialty Insurance MGA - NSM Insurance Group
  • KRQE. (2023, September 28). New Mexico insurance agency faces cyber attack - KRQE.
  • DarkReading. (2023, October 4). Insurance Companies Have a Lot to Lose in Cyberattacks - Dark Reading.
  • EMS1. (2024, February 27). Report: Ransomware attack on Minn. healthcare group disrupts prescription orders nationwide - EMS1.
  • Reuters. (2024, February 29). Healthcare providers hit by frozen payments in ransomware outage - Reuters.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.