Ransomware victim disclosure
← All victimsFidelity United
Claimed by Stormous · listed 9 days ago
Status timeline
- Listed
May 12, 2026
- Data leaked
At a glance
About the victim
AI dossier — public-source company profileFidelity United is a UAE-based insurance company operating across 5 offices in the UAE, formed through a 2017 partnership between United Insurance Company and Fidelity Assurance and Reassurance SAL and rebranded in 2018. The company offers a broad range of personal and commercial insurance products including motor, health, home, travel, pet, marine, property, liability, and engineering insurance. It reports over 502,890 claims processed and covers more than 285,000 individuals.
- Industry
- General Insurance (Personal & Commercial Lines)
- Address
- UAE (5 offices; specific street address not stated in available public data)
- Founded
- 1976
Attack summary
Severity: critical — 600 GB of data confirmed published, encompassing regulated PII at scale (passports, IDs, personal documents for all employees and thousands of broker/client records), full banking details, KYC files, internal passwords, and extensive insurance records — constituting confirmed exfiltration of regulated financial and personal data affecting a large number of individuals and business partners in the insurance sector.Stormous claims to have exfiltrated approximately 600 GB of data from Fidelity United (disclosed alongside arc-reins.com), including compliance audit data, full bank details, KYC files for all partners, personal data for all employees, marine and property insurance archives, client lists, passwords, and thousands of personal records for Fidelity and ARC brokers. The data has been published (disclosed status: data_published) with no ransom amount stated.
Data the group says was taken
AI dossier — extracted from the leak post- Compliance audit data
- Bank account details
- Legal licenses and tax documents
- Official contracts
- KYC and KYC TOBA files for all partners
- Employee passports and ID cards
- Employee emails and career details
- Manager contracts and internal communications
- Marine insurance archive (Middle East deals)
- Property insurance records
- Civil liability and risk insurance records
- Monthly and annual quality control reports
- Collective agreements with international partners
- Business travel logs
- Passwords and DC client lists
- Internal correspondence
- Digital identities and official company signatures
- Major client list
- Personal information records for Fidelity and ARC brokers
What the group claims
The breach also covers the marine insurance archive with all its deals in the Middle East, property insurance, civil liability, and risk insurance, in addition to monthly and annual quality control reports and collective agreements with major international partners.
The leak post
captured from the group's siteams-group.co.uk FULL DATA DUMP 33GB ams-group.co.uk FULL DATA DUMP 33GB The extracted data comprises administrative and financial records, payroll sheets, and client and partner directories, alongside technical and engineering specifications, employee records, and business plans. It also includes architectural designs, official contracts, detailed engineering reports, and construction site maps, as well as risk assessments, internal correspondence, and tax and legal information. We releasing the databases of CGCSA.CO.ZA (Consumer Goods Council of South Africa) for free. This comes after the company failed to reach a resolution and publicly denied the breach.The total size is 20 GB and includes.Full Reports CustomerData (thousands of clients) Scripts & Statements Invoices & CEO Reports TCS CGCSA & CGCSA ACC BACKUP SAGE200EVOSQL CGCSA FULL The data has been uploaded to Mega https://mega.nz/folder/siwUDQbL#-c-tWl8fW8zy1tcmEzoUhw $900k to Solve the Problem 5TB — While TTT Company was preoccupied with designing luxurious interiors and architectural masterpieces, they completely overlooked the design of a secure network. We have spent enough time within their internal infrastructure to c…
Data the group says was taken
- marine insurance archive
- property insurance
- civil liability
- risk insurance
- quality control reports
- collective agreements
- administrative data
- business travel logs
- passwords
- client lists
- internal correspondence
- digital identities
- company signatures
- broker personal details
Sources
Source
Indexed 9 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.