Lloyd’s of London Cyber Incident Investigation Finds No Evidence of Compromise

Insurance giant Lloyd’s of London says it is working on restoring its systems after an investigation into a potential cyberattack found no evidence of compromise.

Last week, the company announced that it had detected unusual activity within its network and that it disconnected some of its systems as a precaution, while investigating the incident.

“Following the unusual activity detected on Lloyd’s network, our precautionary work to secure systems has been completed overnight,” a Lloyd’s spokesperson said, responding to a SecurityWeek inquiry.

In an emailed statement on Monday, Lloyd’s notified SecurityWeek that it has started restoring systems that were taken offline last week and that the entire restoration process is expected to be completed by Wednesday.

“Last week, unusual activity was detected on the Lloyd’s network. As a result, the proactive decision was made to take some systems offline and perform a cyber security investigation. This was led by a dedicated team and two specialist partners, Mandiant and NTT.

The investigation has concluded that no evidence of any compromise was found and as such Lloyd’s has been advised that its network services can now be restored.

We continue to work with our partners to monitor the IT environment as we restore services to the market, which we currently anticipate to complete by Wednesday 12 October.”

The insurance giant did not share any details about the cyber incident itself, but the actions it took initially suggested that ransomware might have been involved.

Related: Ransomware Claims Trending Downward, Insurance Firm Says

Related: Insurer CNA Says Cyberattack Caused Network Disruption

Related: Disruptions at Pan-American Life Likely Caused by Ransomware Attack