Security News > 2021 > March > CNA insurance firm hit by a cyberattack, operations impacted
CNA Financial, a leading US-based insurance company, has suffered a cyberattack impacting its business operations and shutting down its website.
CNA is considered the sixth-largest commercial insurance company in the USA, according to the Insurance Information Institute, and offers a wide range of insurance products, including cyber insurance policies.
In an updated statement on their website, CNA has confirmed that a cyberattack is causing network disruption, including corporate email.
"On March 21, 2021, CNA determined that it sustained a sophisticated cybersecurity attack. The attack caused a network disruption and impacted certain CNA systems, including corporate email."
"The security of our data and that of our insureds' and other stakeholders is of the utmost importance to us and we are committed to continuing to serve them as we work to resolve this issue. Should we determine that this incident impacted our insureds' or policyholders' data, we'll notify those parties directly." - CNA. Attacks on insurance carriers are particularly dangerous as they could allow a ransomware operation to create a list of future targets covered under a cyber insurance policy.
Depending on the circumstances, it is not uncommon for insurance companies to pay the insured victims' ransom.