Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Audits

Insurer CNA Discloses Ransomware Attack

Commercial insurer CNA has started notifying customers that threat actors did have access to some personal data during a ransomware attack in March.

Commercial insurer CNA has started notifying customers that threat actors did have access to some personal data during a ransomware attack in March.

The Chicago, Illinois-based company detected the incident on March 21 and shut down systems to contain it. By mid-May, the insurance giant said it was able to fully recover from the attack.

This week, the company started notifying customers that some personal data was accessed during the attack, but stressed that it was able to recover all the data.

“We have no evidence that any of your personal information has or will be misused, but we wanted to make you aware of the incident, the measures we have taken in response, and to provide details on proactive steps you may consider taking to help protect your information,” according to the letter from CNA.

The insurer also revealed that the attackers had access to its systems from March 5, 2021 to March 21, 2021, and that immediately after discovering the incident it took steps to contain it and launched an investigation.

During the two-week period they had access to CNA’s systems, the hackers accessed and copied “a limited amount of information,” and only after that they deployed ransomware, the company says.

Advertisement. Scroll to continue reading.

“However, CNA was able to quickly recover that information and there was no indication that the data was viewed, retained or shared. Therefore, we have no reason to suspect your information has or will be misused.”

Information stolen included names and Social Security numbers, the company said.

CNA did not say how it was able to recover the stolen personal information, but a published report suggested in May that the company paid roughly $40 million to regain control of the data.

Related: Continuous Updates: Everything You Need to Know About the Kaseya Ransomware Attack

Related: CISA Warns of Threat Posed by Ransomware to Industrial Systems

Related: Security Researchers Dive Into DarkSide Ransomware

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

James Phillips has been promoted to the role of Vice President, Cybersecurity Risk Management at AT&T.

Rafal Los has joined Binary Defense as Chief Strategy Officer.

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.