Security News > 2021 > July > Insurance giant CNA reports data breach after ransomware attack
CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March.
CNA is considered the seventh-largest commercial insurance firm in the US based on stats from the Insurance Information Institute.
"The investigation revealed that the threat actor accessed certain CNA systems at various times from March 5, 2021 to March 21, 2021," CNA said in breach notification letters mailed to affected customers today.
The data breach reported by CNA affected 75,349 individuals, according to breach information filed with the office of Maine's Attorney General.
Sources familiar with the attack told BleepingComputer that the Phoenix CryptoLocker operators encrypted over 15,000 devices after deploying ransomware payloads on CNA's network on March 21.
Two months ago, CNA reported that it has restored the systems impacted in the ransomware attack and is operating "In a fully restored state."
News URL
Related news
- Texas State Bar warns of data breach after INC ransomware claims attack (source)
- Food giant WK Kellogg discloses data breach linked to Clop ransomware (source)
- 2025 Data Breach Investigations Report: Third-party breaches double (source)
- Marks & Spencer breach linked to Scattered Spider ransomware attack (source)
- PowerSchool previously hacked in August, months before data breach (source)
- Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
- BlackLock ransomware claims nearly 50 attacks in two months (source)