Money

Top insurer CNA disconnects systems after cyberattack

It could be a "nightmare scenario" for CNA and others if hackers get ahold of policyholder information.

March 24, 2021

CNA Center in Chicago, Illinois on June 23, 2018. (Photo By Raymond Boyd/Getty Images)

CNA, one of the U.S.’s top providers of cybersecurity insurance, is struggling with a cyberattack that prompted it to disconnect its systems from its network.

Its website hasn’t been working for the last couple days, and at press time displayed the message, “The attack caused a network disruption and impacted certain CNA systems, including corporate email.”

The Chicago-based firm reported more than $10 billion in revenue in 2020, and is in the top 15 U.S. property and casualty insurers and top 10 U.S. providers of cyber insurance, according to recent measurements.

If the attack proves to include policyholder data, a cyber insurance industry expert warned, it could enable particularly devastating further incidents that hackers could use as leverage in extortion attempts. If that’s the case, CNA said, it will keep customers updated.

The company said it discovered the intrusion on March 21, adding that it is working with forensics experts to determine the scope of the incident and has alerted law enforcement for an investigation. A spokesperson did not respond to requests for information about the nature of the hack.

“The nightmare scenario” would be if hackers got ahold of policyholder data, said Coalition CEO Joshua Motta, whose company provides cyber risk management tools and cyber insurance.

“The ramifications of a ransomware attack or threat actor activity against CNA and insurance company networks — much less an insurance company that is one of the larger providers of cyber insurance — is that the threat actors are now maybe aware of which companies have applied for insurance with CNA, which have actually purchased that insurance, what coverage they have, including coverage for cyber extortion or ransomware, as well as the limits and deductibles of those policies,” he said.

Hackers could use that data to put ransomware victims in a bad position to negotiate an end to their networks being held hostage, Motta said.

Some studies have warned about the growing cyber risk to insurance providers, but Motta estimates they are at best “no better, no worse prepared” for attacks.

Industry ransomware victims last year include Chubb and Arthur J. Gallagher & Co.

Top insurer CNA disconnects systems after cyberattack

More Like This

Proposed data broker regulations draw industry pushback on anonymized data exceptions, bulk thresholds

Treasury official: Small financial institutions have ‘growth to do’ in using AI against threats

Atlassian vulnerability at fault in GAO breach

Top Stories

FISA reauthorization heads to Biden’s desk after Senate passage

FBI director warns of China’s preparations for disruptive infrastructure attacks

More Scoops

UK election admin agency breach exposed personal information of tens of millions voters

Cancer patient sues medical provider after ransomware group posts her photos online

Insurance giant settles NotPetya lawsuit, signaling cyber insurance shakeup

The cyber insurance market has a critical infrastructure problem

Ransomware demands are up more than 500%, the latest concern for insurers

Cyber insurance market encounters ‘crisis moment’ as ransomware costs pile up

Japan’s Tokio Marine is the latest insurer to be victimized by ransomware

Latest Podcasts

How Troy Hunt knows if you’ve been hacked and Washington tries to understand AI

Why pig butchering is the worst kind of online scam

How the FBI fights ransomware

Rumman Chowdhury on AI red-teaming; a Sisense supply chain attack

Government

Technology

Threats

Geopolitics