Expert-led cyber response when expertise matters most
Case study: Calm, expert‑led response to ransomware attacks
Industry: Manufacturing (Europe)
Challenge: Two ransomware attacks, operational disruption, regulatory uncertainty and stakeholder pressure
The Incident
A European manufacturing organisation experienced sequential ransomware attacks, disrupting critical systems.
The incidents involved unauthorised access and system encryption.
While no data compromise was identified, the events created significant operational and regulatory pressure for the business.
“From the first call, we felt calm, supported and guided step by step. The expertise included with the policy made all the difference.” - Insured quote
The QBE difference
- The insured initially planned to use existing legal and forensic advisers. Following consultation with QBE, they engaged QBE’s specialist partners and were reassured by the calm, structured incident management and practical guidance provided from the outset.
- The response combined coordinated investigation, containment and recovery, with clear explanations that helped leadership confidently navigate options, risks and next steps.
The Outcome
The incident was contained without ransom payment and systems were restored safely.
Regulatory, employee and customer notification requirements were managed with confidence.
A lasting relationship was established with QBE’s incident response partners to support ongoing cyber resilience and expertise.
Cover is subject to the applicable policy. These case studies are provided for illustrative purposes only, based on QBE’s claims experience. Some details have been changed for confidentiality. All products and services are provided by QBE Insurance Group Limited or its subsidiaries (“QBE”) or by QBE’s selected third party vendors and may be subject to additional terms and conditions, limitations and disclaimers [available on request]. Information and guidance provided by QBE is not intended to constitute any financial or professional advice tailored to your circumstances and may not have been prepared with detailed knowledge of your systems or the risks to your business, and does not cover all possible situations or actions necessary to respond to a cyber security incident. QBE does not make any guarantees regarding outcomes, such as reduced claim exposure or that a product or service will meet your unique needs. You are responsible for using your independent judgment to assess the advice provided and the suitability of any product and this does not replace the advice of legal counsel or cyber security professionals in preparing for, or responding to, a cyber security incident. QBE is not liable or responsible for services provided by its third party vendors. QBE and the chain links logo are registered trade marks of QBE Insurance Group Limited and third party marks are duly licensed. © 2026 QBE Insurance Group Limited.