US insurance giant CNA Financial paid $40 million ransom to regain control of systems
CNA Financial, one of the largest American insurance companies, reportedly paid a $40 million ransom to restore access to its systems after a ransomware attack. The figure is $10 million more than the highest attempted demand of $30 million in 2020 and double the highest attempted extortion figure. It was paid two weeks after CNA Financial’s networks were forced offline by the attack. People familiar with the matter reported that employees were locked out of the company’s systems and that confidential data was stolen by the attackers. CNA reported the attack on March 21, stating that it was experiencing network disruption and impacted systems.
Third-party cyber forensics experts investigating the incident stated that all attacker activity occurred prior to March 21 and that the group responsible for the attack has not accessed the CNA environment since. CNA has not clarified what information was stolen; however, it did state that it did not believe that policyholder data, including terms and coverage limits, was impacted. Since the attack, CNA has fully restored its systems and is currently fully operational.