Ransomware group blacknevas hits Heng An Standard Life Insurance
Heng An Standard Life Insurance — a financial services target operating in HK has been listed by the blacknevas ransomware group on 2026-03-21. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | Heng An Standard Life Insurance |
|---|---|
| Threat Group | blacknevas |
| Summary | Downloaded:Complete Client Database: Unencrypted records containing full names, addresses, scanned identification documents (passports, driver’s licenses), and biometric facial data.Corporate Intellectual Property: All proprietary IT solutions, source code repositories, and internal development tools.Executive Correspondence: The complete archive of the Board of Directors meetings, including minutes, strategic plans, and the entirety of internal email correspondence among top management.We offer all data for purchase.The company's management concealed the fact of the leak.Heng An Standard Life Insurance is a major insurance company specializing in life insurance, operating primarily in the Asian region. |
| Date of Breach | 2026-03-21 |
| Discovery Date | 2026-04-30 |
| Region | HK |
| Target Domain | hengansl.com.hk |
| Business Sector | Financial Services |
| Severity | MEDIUM |
Claim by blacknevas
Downloaded:Complete Client Database: Unencrypted records containing full names, addresses, scanned identification documents (passports, driver’s licenses), and biometric facial data.Corporate Intellectual Property: All proprietary IT solutions, source code repositories, and internal development tools.Executive Correspondence: The complete archive of the Board of Directors meetings, including minutes, strategic plans, and the entirety of internal email correspondence among top management.We offer all data for purchase.The company's management concealed the fact of the leak.Heng An Standard Life Insurance is a major insurance company specializing in life insurance, operating primarily in the Asian region.
Posted by the blacknevas threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Victim website
hengansl.com.hk
Leak post (onion / Tor)
http://ctyfftrjgtwdjzlgqh4avbd35sqrs6tde4oyam2ufbjch6oqpqtkdtid.onion/a269572e-ffee-4c63-8038-ed994eb007aa
Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.

