AXA is among major insurers that have suffered
ransomware attacks, with operations in Thailand
hard-hit. Chicago-based CNA Financial Corp., the
seventh--ranked U.S. cybersecurity underwriter
last year, saw its network crippled in March.
Less than a week earlier, the cybersecurity
firm Recorded Future published an interview
with a member of the Russian-speaking
ransomware gang, REvil, that is skilled in pre-
attack intelligence-gathering and happens to
be behind the current attack. He suggested it
actively targets insurers for data on their clients.
CNA would not confirm a Bloomberg report that
it paid a $40 million ransom, which would be the
highest reported ransom on record. Nor would
it say what or how much data was stolen. It said
only that systems where most policyholder data
was stored “were not impacted.”
In a regulatory filing with the Securities and
Exchange Commission, CNA also said that
its losses might not be fully covered by its
insurance and “future cybersecurity insurance
coverage may be difficult to obtain or may only
be available at significantly higher costs to us.”
Another major insurance player hit by
ransomware was broker Gallagher. Although
it was hit in September, only this past week
(June 30) did it disclose that the attackers
may have stolen highly detailed data from
an unspecified number of customers — from
passwords and Social Security numbers to
credit card data and medical diagnoses.
Company spokeswoman Kelli Murray would
not say if any cyber insurance policy contracts
were on compromised servers. Nor would
she say whether Gallagher paid a ransom.