CNA Financial suffers extensive network disruption following cyber attack

The Chicago-based insurer took down its website and systems to mitigate potential damage from the attack

Chicago-based CNA Financial, one of the country’s largest insurance providers, has been hit by a cyber attack that’s left its website out of action and many network systems disrupted.

The insurance firm is the sixth-largest in the US and offers an extensive range of products, including policies against cyber attacks.

On March 21, the firm revealed it sustained a sophisticated cyber security attack.

“The attack caused a network disruption and impacted certain CNA systems, including corporate email,” the company statement read.

“Upon learning of the incident, we immediately engaged a team of third-party forensic experts to investigate and determine the full scope of this incident, which is ongoing. We have alerted law enforcement and will be cooperating with them as they conduct their own investigation.”

It added that it disconnected systems from its network, “out of an abundance of caution,” notified employees, and provided workarounds where possible to ensure they can continue operating.

“The security of our data and that of our insureds ’and other stakeholders is of the utmost importance to us. Should we determine that this incident impacted our insureds’ or policyholders’ data, we’ll notify those parties directly,” said the company.

CNA has also set up several email addresses to keep in contact with policyholders.

According to The Insurer, a publication serving the insurance industry, CNA’s network may be out of commission for a while, with the attack mainly impacting the underwriting and claims side of its business.

According to a tweet by Joshua Motta, CEO of security firm Coalition, there are rumors that the incident could be a ransomware attack. He added this could be a “nightmare scenario if cyber insurance policyholder data [is] compromised.”

Such data could give hackers information on how much money insurers could payout if a policyholder is attacked in the future. That would mean a hacker has more leverage over a victim, as they know how much money the insurer would pay out as a ransom. Such data could allow hackers to prioritize victims with larger or more comprehensive insurance policies.

CNA hasn’t yet revealed any further details of the attack or any lost or stolen data.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

Best ransomware removal tools
ransomware

Best ransomware removal tools

9 Apr 2021
Google Cloud unveils AI contact center focused on vaccine equity
artificial intelligence (AI)

Google Cloud unveils AI contact center focused on vaccine equity

16 Apr 2021
HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
PowerShell threats increased over 200% last year
cyber security

PowerShell threats increased over 200% last year

14 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
University of Hertfordshire's entire IT system offline after cyber attack
cyber attacks

University of Hertfordshire's entire IT system offline after cyber attack

15 Apr 2021
Xiaomi Redmi Note 10 Pro review: Champagne tastes on a lemonade budget
Mobile Phones

Xiaomi Redmi Note 10 Pro review: Champagne tastes on a lemonade budget

13 Apr 2021