CNA Insurance, the sixth-largest private insurer based in the USA, has knocked its website offline after a cyberattack. Some of the operations were disrupted, and the affected systems are now removed from the network to contain the attack. Affected people are said to be informed if their data is compromised in any way.
CNA Insurance Hit With Cyberattack
CNA Insurance is one of the largest commercial insurers that provides various insurance policies, including against cyber attacks. Ironically, the company itself is now experiencing a cyberattack, which it revealed yesterday. It said to have realized the attack on Match 21st and pulled the website offline with the following message;
โCNA is currently experiencing a network disruption that is impacting some of our systems. We are working to address these issues to minimize the disruption to you.โ
In an updated statement, CNA Insurance admitted they had taken the website offline due to a cyberattack, which also affects their corporate email. Further, they have disconnected all the networkโs concerned systems from limiting the consequences. They claim to emerge a third-party forensic expert for investigating the incident.
Theyโve also informed law enforcement and assists employees to continue the work with workarounds wherever possible. Finally, they affirmed that their dataโs security (and the customersโ) is given utmost importance and will inform the affected in case happened.
While itโs still called a cyberattack, a source to BleepingComputer said that it was actually a ransomware attack that disrupted operations. In that case, this incident would have severe consequences as itโs holding a trove of all its customersโ sensitive data.
This includes their PII and the cyber weak points in the case of cyber insurance policyholders, which can benefit the ransomware group to make specific choices and target effectively.