Maze Ransomware operators claim to have encrypted devices on Chubb’s network in March 2020. Maze has not published any of the allegedly stolen data, but has included the email addresses of executives such as CEO Evan Greenberg, COO John Keogh, and Vice Chairman John Lupica. Chubb is investigating whether this is unauthorized access to their data held at a third-party service provider as there is no evidence that their network was breached. Bad Packets has stated that the company has numerous Citrix gateways that are vulnerable to the CVE-2019-19871 vulnerability. The FBI says RDP is still 70-80% of the initial foothold that ransomware actors use.
Source: https://www.bleepingcomputer.com/news/security/chubb-cyber-insurer-allegedly-hit-by-maze-ransomware-attack/