Insurance giant CNA has assured they have achieved full restoration following a devastating ransomware attack. It took more than a month for the firm to announce this achievement after the cyberattack hit its network.
CNA Confirms Restoration
The US-based insurance giant CNA Financial has recently shared a security update confirming full restoration after a cyber attack.
CNA is fully restored, and we are operating business as usual. Our IT teams and third-party partners have worked hard to restore business operability.
Highlighting the details from the investigations, CNA confirmed that the incident wasn’t a cyberattack specifically directed at CNA.
Whereas, explaining the key steps taken to restore the services, CNA mentioned deploying advanced endpoint protection tools, system scanning and remediating the indicators of compromise (IoCs), and validating system sanitization before going online.
Besides, after the firm contained the attack, the threat actors had no further access to the company network.
The firm also assured that the incident didn’t affect external customers’ data.
CNA Ransomware Attack Overview
CNA Financial suffered a devastating ransomware attack in March 2021 that compelled the firm to shut down its services.
The attack not only disrupted the firm’s network but also severely impacted the email and other corporate systems.
Investigations revealed that the firm had fallen a victim to Phoenix Cryptolocker ransomware that potentially affected 15,000 devices.
Nonetheless, as per the latest update, CNA confirms that some of the servers remained unimpacted.
We do not believe that the Systems of Record, claims systems, or underwriting systems, where the majority of policyholder data – including policy terms and coverage limits – is stored, were impacted.
Yet, CNA continues with these investigations to check if any personal data suffered an impact. CNA is also conducting dark web scans to detect the existence of any data belonging to CNA there.
Let us know your thoughts in the comments.