Sedgwick confirmed a cybersecurity incident at its federal contractor subsidiary, Sedgwick Government Solutions (SGS), after the TridentLocker ransomware group claimed it stole data. Sedgwick says the intrusion was limited to an isolated file transfer system, and that there is no evidence of access to claims management servers or disruption of SGS client services.

Known points (so far):

  • Sedgwick engaged outside cybersecurity experts and law enforcement.
  • TridentLocker posted samples on its leak site; Sedgwick has not verified the dataset contents.
  • SGS supports claims and risk services for federal agencies (DHS, CISA, CBP, USCIS, among others).

Why this matters: file‑transfer systems are a common weak spot because they sit between internal networks and external partners. Even if core systems are segmented correctly, a compromised transfer platform can expose sensitive client data and trigger regulatory and reputational fallout.

Practical next steps for similar organizations:

  1) Harden file‑transfer platforms (MFT/FTP/SFTP) with MFA and strict network segmentation.
  2) Validate data boundaries between subsidiaries and parent networks with real tests, not assumptions.
  3) Tighten incident communications to avoid long gaps between leak claims and verified statements.
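One way to turn the second step into a repeatable test, as an added example that is not from Sedgwick or the original post: run it on the file-transfer host and compare what that host can actually reach with what the segmentation policy says. The policy entries, names and RFC 5737 addresses are constructed placeholders.

```python
import socket

def probe(host, port, timeout=2.0):
    """One TCP connect attempt: 'open', 'refused' (a reset came back) or 'filtered' (no answer)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except OSError:  # timeouts, unreachable network or host, name resolution failures
        return "filtered"

def check_boundaries(policy, timeout=2.0):
    """Compare observed reachability with the documented policy and return the findings."""
    findings = []
    for name, host, port, expect in policy:
        state = probe(host, port, timeout)
        if expect == "deny" and state == "open":
            findings.append((name, "VIOLATION", f"{host}:{port} accepts connections"))
        elif expect == "deny" and state == "refused":
            # A reset means something on the path answered: the host itself or a
            # rejecting firewall. Confirm which before calling the segment isolated.
            findings.append((name, "REVIEW", f"{host}:{port} answered with a reset"))
        elif expect == "allow" and state != "open":
            findings.append((name, "BROKEN", f"{host}:{port} is {state}"))
    return findings

# Constructed policy for illustration: the names and RFC 5737 documentation
# addresses are placeholders, not details of any real environment.
POLICY = [
    ("partner-facing SFTP listener", "192.0.2.10", 22, "allow"),
    ("claims management database", "192.0.2.20", 5432, "deny"),
    ("parent-network file share", "192.0.2.30", 445, "deny"),
]

if __name__ == "__main__":
    for name, severity, detail in check_boundaries(POLICY):
        print(f"[{severity}] {name}: {detail}")
```

An empty result means every probed path matched the policy from this vantage point only; repeat the run from the parent network toward the subsidiary to test the boundary in the other direction.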

Image credit: Flag of the United States (public domain) via Wikimedia Commons — https://upload.wikimedia.org/wikipedia/en/a/a4/Flag_of_the_United_States.svg