Insurtech CyberCube has pegged potential insurance losses from Amazon Web Services’ October 20 outage – which the firm dubbed “Amazonk” – between $38 mn and $581 mn.
The cyber risk analytics provider framed the impact on the re/insurance market as moderate, based on data pulled from its Portfolio Manager Version 6 platform.
Over 2,000 large organisations and nearly 70,000 companies in total were affected according to one analytics firm. Many global apps also went offline: gaming (Fortnite, Roblox), consumer devices (Ring), fintech (Venmo, Coinbase), everyday business tools
What happened?
- On October 20, 2025, many services running in AWS’s US-EAST-1 region halted operations after a glitch in its automated DNS system for Amazon DynamoDB created an empty DNS record that failed to self-repair.
- The disruption began at about 3:11 a.m. ET with increased error rates and latencies across multiple services. AWS reported full service restoration by around 6:00 p.m. ET, though some queued tasks and backlogs persisted.
- Besides the major outage, a follow-on incident emerged around October 28/29 in the same US-EAST-1 region: elevated latencies for EC2 and ECS tasks in one availability zone, though AWS labelled this as a partial issue rather than full outage.
A wide range of platforms stumbled, from Snapchat, Fortnite, and Roblox to fintech apps like Coinbase and Venmo, along with smart-home services including Ring. Atlassian’s collaboration tools went down too.
AWS’s us-east-1 region was the epicenter, and because of its outsized role in Amazon’s cloud infrastructure, ripple effects stretched beyond the US into the UK, Europe, and elsewhere.
CyberCube noted that insurers likely face loss ratios in the low- to mid-single digits. Even though the quoted range allows room for late-breaking developments, the firm believes most outcomes cluster toward the lower end.
Companies that depend heavily on uptime – tech groups, financial services firms – took the sharpest hit, though AWS is expected to reimburse many clients.
With the event lasting only a short stretch, some firms may not even bother with claims, choosing speed over paperwork.
The Security Incident Report called attention to the industry’s reaction. Despite alarmist headlines about the outage’s scale, insurers stayed measured.
These sorts of cyber aggregation events are modeled, priced, and underwritten. According to CyberCube, the insurance sector anticipated this scenario and absorbed it within expectations.
Why this matters for insurers and tech teams?
- The scale of disruption and the affected services underscore the systemic exposure in cloud infrastructure. This is relevant to cyber-aggregation modelling and business-interruption exposures.
- The event underlines the importance of multi-region deployment, cloud provider fall-backs, and explicit planning for dependency chains you might not see (for example, your app depends on DynamoDB which depends on DNS which depends on automation).
- While one firm estimated insured losses in a wide range (from $38 mn to $581 mn) the strongest likelihood is in the lower end. The recurrence of issues suggests “once is bad, twice is risk”.
According to Beinsure, the cyber insurance market in 2025 is showing two conflicting trends. Large corporates are tougher, with better-prepared systems that cut into the cost of major attacks.
Yet, the threat environment is still expanding, with attackers shifting tactics and targeting smaller firms that lack the same resilience.
Claim size has dropped more than 50%, and large-loss claims are down 30%. The shift reflects years of investment in cyber detection and incident response at global firms.
But the analysts warn that doesn’t mean the danger is fading. Supply chain reliance, tighter privacy laws, and more convincing social engineering are widening the scope of risk.
