General Insurance Article - AXA hit by ransomware attack


Branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong, and the Philippines have been struck by a ransomware cyber attack.

 The Avaddon ransomware group claimed on their leak site that they had stolen 3 TB of sensitive data from AXA's Asian operations. Additionally, BleepingComputer observed an ongoing Distributed Denial of Service (DDoS) against AXA's global websites making them inaccessible for some time.

 The compromised data obtained by Avaddon, according to the group, includes customer medical reports (exposing their sexual health diagnosis), copies of ID cards, bank account statements, claim forms, payment records, contracts, and more. The announcement from the group comes roughly a week after AXA stated that they would be dropping reimbursement for ransomware extortion payments when underwriting cyber-insurance policies in France. More information

 Lior Div, CEO and Co-founder, Cybereason has offered the following comment: "Unfortunately, AXA is in the long line of companies suffering from a ransomware attack. While it will take some time to learn the specifics of this newest attack, it is important to remind everyone ransomware attacks can be disrupted and stopped before they have a material impact on an organization by using endpoint detection and remediation software.

 In fact, the Biden Administration issued an Executive Order (EO) last week on combating ransomware and broader cybersecurity threats to critical infrastructure across federal and local agencies. Endpoint detection and remediation software was prescribed as a solution in the EO. Just a few years ago, many organizations implemented off-site data backup and recovery solutions with the notion that, in the case of a ransomware attack, they could confidently rebuff the attackers’ ransom demand and focus their mitigation efforts on restoring their systems from the backups. This was a pretty solid strategy until ransomware purveyors evolved their methods to include alternative means to pressure organizations into paying up - hence the emergence of the Double Extortion tactic.

 Cybereason strongly recommends against paying ransom demands as our recent research shows that more than half the companies that pay a ransom are hit a second time. However, each ransomware attack is unique to the impacted organization. The attack group, jeopardized data set, and potentially impacted third-party is somewhat unique to every situation. Organizations often deliberate long and hard before deciding to meet the ransom demands. A company’s lawyers and insurer will be involved in the decision to pay the ransom. Companies make decisions based on what they think is in the best interest of the company, its customers and shareholders."
  

Back to Index


Similar News to this Story

EU comprehensive AI Act includes obligations for employers
A major European regulation imposing strict rules on AI activities that pose high and unacceptable risks, including those deployed in the workplace, i
LMA calls for combined approach to cyber exposure management
The Lloyd’s Market Association (LMA) has today released Practical Management of Cyber Exposures and Aggregations, a best practice document on the mana
Car insurance premiums fall by 17 percent in last 12 months
Motorists are now on average paying £777, which is £164 less than one year ago, with easing claims inflation and frequency contributing to this trend.

Site Search

Exact   Any  

Latest Actuarial Jobs

Actuarial Login

Email
Password
 Jobseeker    Client
Reminder Logon

APA Sponsors

Actuarial Jobs & News Feeds

Jobs RSS News RSS

WikiActuary

Be the first to contribute to our definitive actuarial reference forum. Built by actuaries for actuaries.