Let’s Secure Insurance Brokers Pvt Ltd., a prominent Indian insurance brokerage firm, has reportedly fallen victim to ransomware. The perpetrators, identified as the Kill Security (alias KillSec) group, claim to have gained unauthorised access to the company’s data, sparking concerns over potential data breaches.
India has increasingly become a focal point for cyberattacks, with industries ranging from finance to healthcare targeted by sophisticated hacking groups. Let’s Secure Insurance Brokers Pvt Ltd is the latest high-profile name to join the growing list of Indian organisations compromised by ransomware gangs.
Let’s Secure was established in 2020 in Pune, Maharashtra and sells a wide range of products for Indian users. The firm partnered with several high-profile companies, including Digit, Edelweiss, HDFC Ergo, Shriram General Insurance, Oriental Insurance, Tata AIG Insurance, SBI General Insurance, and Bajaj Allianz, among others.
Cybersecurity researchers report that KillSec primarily targets India, with its attacks mostly directed at the country. The group also focuses on the United States and Bangladesh. The group is believed to originate from the Eastern Europe-Russia region and operates various services.
The group appeared in October 2023 and openly invited individuals with specific skills via their Telegram channel. In June 2024, KillSec presented its new Ransomware-as-a-Service (RaaS) offering.
Cybercriminals activity targeting India continues to escalate. In 2024 alone, the nation experienced 369 million cyberattacks, averaging a starggering 702 incidents every minute. Such alarming statistics show that the country’s organisations are still not well prepared to counter increasingly sophisticated threats.
Recent incidents highlight the scale and severity of the problem. In August 2024, C-Edge Technologies Ltd., a key service provider for cooperative and small banks, fell victim to a ransomware attack.
In January 2025, the State Child Protection Society (SCPS) in Madhya Pradesh faced a ransomware attack by the FunkSec group, which reportedly extracted over 2 GB of confidential data from its systems. Additionally, the FunkSec group recently targeted Wissenhive, an Indian edtech platform, compromising over 32,000 records from 2021 and 2022. These records included sensitive details such as administrator credentials, hashed passwords, and personal identifiers.
The telecommunications sector has not been spared. Last week, the Medusa ransomware group targeted Indus Towers, a major player in the Indian telecom industry. The attackers reportedly demanded a ransom of $500,000 to restore access to encrypted company data.
In the News: GitHub flaws allow attackers to leak user credentials
