Insurance giant CNA warns customers it suffered a major data breach
Cybercriminals obtained customer information before infecting CNA’s systems with ransomware
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
After falling victim to aransomwareattack earlier this year,CNA Financialhas begun notifying its customers of a data breach that occurred as a result of the attack.
Back in March the insurance company’s systems were infected with the Phoenix Locker ransomware which cybersecurity experts believe is a new ransomware family developed by the infamous Russian cybercriminal groupEvil Corp.
Now though, CNA has revealed that 75,349 of its customers were affected by a data breach which proceeded the ransomware attack.
In adata breach notificationsent out to affected customers, CNA explained that the cybercriminals behind the attack copied some information from its systems before deploying their ransomware, saying:
“The investigation revealed that the threat actor accessed certain CNA systems at various times from March 5, 2021 to March 21, 2021. During this time period, the threat actor copied a limited amount information before deploying the ransomware. However, CNA was able to quickly recover that information and there was no indication that the data was viewed, retained or shared. Therefore, we have no reason to suspect your information has or will be misused.”
Stolen information
After investigating which files were stolen during the attack, CNA discovered that they contained the personal information of its customers including their names and Social Security Numbers.
According to anew reportfromBleepingComputer, the news outlet spoke with sources familiar with the attack who told it that the cybercriminals that deployed the Phoenix Locker ransomware were able to encrypt over 15,000 devices connected to CNA’s network. At the same time though, the attackers also encrypted the computers of CNA employeesworking from homewho were logged into itsVPNduring the breach.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
In order to protect its customers whose information was obtained during the data breach, CNA will be offering them 24 months of freeidentity theft protectionandcredit monitoringfromExperian IdentityWorks.
In addition to notifying its customers about the ransomware attack and data breach, CNA has also notified theFBIand the company is working closely with law enforcement as they conduct their own investigation into the matter.
ViaBleepingComputer
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
Cisco issues patch to fix serious flaw allowing possible industrial systems takeover
Washington state court systems taken offline following cyberattack
Lego will let you build Sir Ernest Shackleton’s iconic lost ship, the Endurance, in its next Icons set
