CNA Insurer Paid Ransomware Group $40 million


Insurance company CNA has paid a $40 million ransom to the criminal group that infected its network with ransomware, in order to get its files decrypted. It could be the highest ransom known to have been paid in a ransomware attack, Bloomberg reports.


The attack took place on March 21 and left CNA without a website and email. Initially, the insurer spoke of a "sophisticated attack" that caused system failures and affected all kinds of systems within the company. Details indicating that it was a sophisticated attack were not given.


Last week, CNA announced that there is no evidence that the attack was targeted, and that neither the insurer nor policyholder data was a deliberate target. CNA could not yet say with certainty whether policyholder data was also stolen by the attacker. Bloomberg sources report that the attackers did indeed steal data from the insurer.


Two weeks after the attack, CNA decided to pay the ransom the attackers asked for, the sources said. On May 12, the insurance company reported that it had fully recovered from the ransomware attack. CNA declined to comment to Bloomberg on the ransom, saying that it followed the law and the US Treasury's ransomware advice in handling the incident (PDF). That advice, however, does not prohibit paying a ransom.
