Security News > 2021 > May > Insurer CNA Fully Restores Systems Following Ransomware Attack
Commercial insurer CNA this week announced that it has fully restored its systems following a ransomware attack two months ago.
The incident, which the Chicago, Illinois-based company revealed on March 23, affected various CNA systems, including the corporate email, and caused network disruptions.
"We continue to progress our investigation into this incident, in partnership with the third-party forensic experts working to assist CNA. We are pleased that in a short time since the ransomware event, we are now operating in a fully restored state," the company said.
The ransomware attack was detected on March 21, when the company decided to disconnect systems to contain the infection.
CNA also revealed that it conducted a system-by-system restoration activity that involved deploying an advanced detection and monitoring solution, scanning systems for and remediating indicators of compromise, and ensuring that systems are clean.
"We do not believe that the Systems of Record, claims systems, or underwriting systems, where the majority of policyholder data-including policy terms and coverage limits-is stored, were impacted," CNA also says.
News URL
Related news
- UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack (source)
- McLaren hospitals disruption linked to INC ransomware attack (source)
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- Most ransomware attacks occur between 1 a.m. and 5 a.m. (source)
- New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data (source)
- Lateral movement: Clearest sign of unfolding ransomware attack (source)
- BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave (source)