General Insurance Article - AXA hit by ransomware attack


Branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong, and the Philippines have been struck by a ransomware cyber attack.

 The Avaddon ransomware group claimed on their leak site that they had stolen 3 TB of sensitive data from AXA's Asian operations. Additionally, BleepingComputer observed an ongoing Distributed Denial of Service (DDoS) against AXA's global websites making them inaccessible for some time.

 The compromised data obtained by Avaddon, according to the group, includes customer medical reports (exposing their sexual health diagnosis), copies of ID cards, bank account statements, claim forms, payment records, contracts, and more. The announcement from the group comes roughly a week after AXA stated that they would be dropping reimbursement for ransomware extortion payments when underwriting cyber-insurance policies in France. More information

 Lior Div, CEO and Co-founder, Cybereason has offered the following comment: "Unfortunately, AXA is in the long line of companies suffering from a ransomware attack. While it will take some time to learn the specifics of this newest attack, it is important to remind everyone ransomware attacks can be disrupted and stopped before they have a material impact on an organization by using endpoint detection and remediation software.

 In fact, the Biden Administration issued an Executive Order (EO) last week on combating ransomware and broader cybersecurity threats to critical infrastructure across federal and local agencies. Endpoint detection and remediation software was prescribed as a solution in the EO. Just a few years ago, many organizations implemented off-site data backup and recovery solutions with the notion that, in the case of a ransomware attack, they could confidently rebuff the attackers’ ransom demand and focus their mitigation efforts on restoring their systems from the backups. This was a pretty solid strategy until ransomware purveyors evolved their methods to include alternative means to pressure organizations into paying up - hence the emergence of the Double Extortion tactic.

 Cybereason strongly recommends against paying ransom demands as our recent research shows that more than half the companies that pay a ransom are hit a second time. However, each ransomware attack is unique to the impacted organization. The attack group, jeopardized data set, and potentially impacted third-party is somewhat unique to every situation. Organizations often deliberate long and hard before deciding to meet the ransom demands. A company’s lawyers and insurer will be involved in the decision to pay the ransom. Companies make decisions based on what they think is in the best interest of the company, its customers and shareholders."
  

Back to Index


Similar News to this Story

Warning to drug and drink drivers on insurance impact
Car insurance costs four times as much for convicted drug drivers. Comprehensive policies double in price for those caught drink driving. Drug-driving
Commercial property prices softening but for how long
In H1 2025, global insured natural catastrophe losses amounted to $80 billion, making it one of the costliest first half-years on record for insurance
Broadstone appoint Cormac Bradley as Snr Actuarial Director
Cormac joins Broadstone with almost three decades of experience in the sector. Appointment strengthens Broadstone’s growing capabilities in the non-li

Site Search

Exact   Any  

Latest Actuarial Jobs

Actuarial Login

Email
Password
 Jobseeker    Client
Reminder Logon

APA Sponsors

Actuarial Jobs & News Feeds

Jobs RSS News RSS

WikiActuary

Be the first to contribute to our definitive actuarial reference forum. Built by actuaries for actuaries.