Exploit: Ransomware
AXA: Insurance Company
Risk to Business: 1.817 = Severe
The Avaddon ransomware group claimed on their leak site that they had stolen 3 TB of sensitive data from insurance giant AXA’s Asian operations including the company’s offices in Thailand, Malaysia, Hong Kong and the Philippines. The gang claims that the stolen data includes includes sensitive customer and busienss data. The attack may be connected to AXA’s announcement that they would be dropping reimbursement for ransomware extortion payments when underwriting cyberinsurance policies in France.
Risk to Business: 1.773 = Severe
The group claims to have obtained 3 TB of data belonging to AXA including, customer medical reports (including those containing sexual health diagnosis), customer claims, payments to customers, customers’ bank account scanned documents, material restricted to hospitals and doctors (private fraud investigations, agreements, denied reimbursements, contracts), identification documents such as National ID cards, passports and other sensitive data.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware attacks as a punishment for company actions is uncommon but not surprising. Ransomware gangs like Abaddon can quickly slip under the adar to do damage at the companies that they choose to target with a simple phsihing email that packs deadly consequences.