Skyward Specialty Data Breach: Documents on Dark Web

Skyward Specialty Insurance recently experienced a ransomware attack by a cybercriminal group known as Kill Security. The breach was discovered when Skyward Specialty was alerted that a database containing certain documents was publicly discoverable online due to a misconfiguration in the database settings. This misconfiguration allowed unauthorized individuals who knew the database URL to access sensitive information.

On April 5, 2025, Skyward Specialty learned that some of these publicly discoverable documents had already appeared on the dark web. Kill Security, the ransomware group responsible, claimed to have obtained Skyward Specialty Insurance's database and threatened to publish the stolen data within 7-8 days. Screenshots of the compromised data were provided by Kill Security on their dark web portal, accessible through the anonymous Tor network.

Currently, the exact number of individuals affected by this breach has not been disclosed. Additionally, the specific types of personally identifiable information (PII) or protected health information (PHI) exposed have not yet been publicly detailed by the company. Skyward Specialty Insurance's investigation into the extent of the breach and the nature of the exposed data is ongoing. Updates will be provided as further information becomes available.

Skyward Specialty Insurance's response

Upon discovering the breach, Skyward Specialty Insurance took action to remediate the misconfiguration that made the database publicly discoverable. The company is actively conducting a thorough investigation to determine the full extent of the breach, including identifying the specific types of data compromised and the number of individuals potentially affected.

Skyward Specialty Insurance has notified regulatory authorities about the incident and provided an official notification of the potential data breach, which can be viewed in full on the Idaho Attorney General's website.

Affected individuals or those concerned about their personal information are encouraged to closely monitor their financial accounts and credit reports for any suspicious or unauthorized activity. It is also advisable to consider placing a fraud alert or credit freeze on credit reports to protect against potential identity theft.

For further questions or concerns regarding this incident, Skyward Specialty Insurance has provided a contact email for Jillian Tisdel, Assistant General Counsel, at jtisdel@skwyardinsurance.com.

For more information about the company, visit the official Skyward Specialty Insurance website.