Security News > 2021 > July > Insurance giant CNA reports data breach after ransomware attack
CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March.
CNA is considered the seventh-largest commercial insurance firm in the US based on stats from the Insurance Information Institute.
"The investigation revealed that the threat actor accessed certain CNA systems at various times from March 5, 2021 to March 21, 2021," CNA said in breach notification letters mailed to affected customers today.
The data breach reported by CNA affected 75,349 individuals, according to breach information filed with the office of Maine's Attorney General.
Sources familiar with the attack told BleepingComputer that the Phoenix CryptoLocker operators encrypted over 15,000 devices after deploying ransomware payloads on CNA's network on March 21.
Two months ago, CNA reported that it has restored the systems impacted in the ransomware attack and is operating "In a fully restored state."
News URL
Related news
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- Free, France’s second largest ISP, confirms data breach after leak (source)
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- LA housing authority confirms breach claimed by Cactus ransomware (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)