AxisInsurance
Call us Today (201) 847-9175
CALL US TODAY (877) 787-5258

CNA Reveals Breach and Damage

April 8, 2021
Drew Smith

CNA, considered the 6th largest insurance company in the US, revealed that on March 21st, they suffered a sophisticated and coordinated hack to their systems. According to their press release, “The attack caused a network disruption and impacted certain CNA systems, including corporate email. Upon learning of the incident, we immediately engaged a team of third-party forensic experts to investigate and determine the full scope of this incident, which is ongoing. We have alerted law enforcement and will be cooperating with them as they conduct their own investigation.” To prevent further damage, they have disconnected their computers from their server, forcing many employees to use a work around.

While it is not clear what was stolen or what was compromised, according to several ransomware groups, insurance companies are prime targets for hacks such as this. The REvil ransomware operation stated in a recent interview that insurers are valuable targets to create lists of potential targets who are more likely to pay a ransom. “Yes, this is one of the tastiest morsels. Especially, to hack the insurers first—to get their customer base and work in a targeted way from there. And after you go through the list, then hit the insurer themselves," REvil's 'Unknown' told the TheRecord.[1]

After two weeks being down, CNA has announced that their servers have been restored to full service as of April 5th. ““Based on our forensic investigation to-date, our forensic experts have confirmed that the malware used by the Threat Actor in the CNA environment, including the ransomware, does not contain the ability to automatically spread to any internal or external systems. Also, additional security software has been deployed in the CNA environment,” the company stated.[2]

CNA’s breach reveals that big name companies are just as vulnerable and valuable as the small stores. However, just because they cause the headlines, does not mean smaller companies are safer. They are considered the low hanging fruit to these hackers. Be wary and diligent for anything suspicious in your inbox.

 

 

[1] https://www.bleepingcomputer.com/news/security/cna-insurance-firm-hit-by-a-cyberattack-operations-impacted/

[2] https://www.insurancejournal.com/news/national/2021/04/05/608421.htm
cyber insurance, Cost of Cyber Crime, Cyber Liability Claim Scenarios

    Share this post

    Recent Posts

    Categories

    AxisInsurance

    Connect to Our Cyber Hotline & Resources

    Connect

    Please see our Privacy Policy to understand how Axis Insurance Services handles your personal information. California Residents are entitled to specific rights which can be outlined on our Notice for California Residents. You may request information regarding our privacy policy or update your preferences by contacting us directly at 201-847-9175 or by completing the Request for Information on Privacy form.

    Schedule a Consultation

    Stay tuned with us on social networks!

    Quick Navigation

    Copyright ©2020, Axis Insurance Services, LLC

    In California and Texas as
    NJ Axis Insurance Services, LLC.
    In Illinois as
    Axis Insurance Services of New Jersey, LLC.
    In New York as
    NJ Axis Insurance Agency

    New Jersey Corporate License #OP-9948294.
    California Corporate License #OD-79693.

    Axis Insurance Services, LLC is not
    affiliated with Axis Insurance Company.