News and Updates on Information Technology

Hong Kong – AXA

Exploit: Ransomware

AXA: Insurance Company

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.817 = Severe

The Avaddon ransomware group claimed on their leak site that they had stolen 3 TB of sensitive data from insurance giant AXA’s Asian operations including the company’s offices in Thailand, Malaysia, Hong Kong and the Philippines. The gang claims that the stolen data includes includes sensitive customer and busienss data. The attack may be connected to AXA’s announcement that they would be dropping reimbursement for ransomware extortion payments when underwriting cyberinsurance policies in France.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.773 = Severe

The group claims to have obtained 3 TB of data belonging to AXA including, customer medical reports (including those containing sexual health diagnosis), customer claims, payments to customers, customers’ bank account scanned documents, material restricted to hospitals and doctors (private fraud investigations, agreements, denied reimbursements, contracts), identification documents such as National ID cards, passports and other sensitive data.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware attacks as a punishment for company actions is uncommon but not surprising. Ransomware gangs like Abaddon can quickly slip under the adar to do damage at the companies that they choose to target with a simple phsihing email that packs deadly consequences.

 

Source: https://www.bleepingcomputer.com/news/security/insurer-axa-hit-by-ransomware-after-dropping-support-for-ransom-payments/