Home Cyber Attack CNA Disclosed Data Breach In The Wake Of Ransomware Attack
Cyber AttackHacking NewsNews

CNA Disclosed Data Breach In The Wake Of Ransomware Attack

by Abeerah Hashim
written by Abeerah Hashim
CNA data breach

Months after suffering a devastating ransomware attack, the American insurance giant CNA has disclosed a data breach. The incident affected thousands of individuals as the attackers extracted data before deploying the ransomware on the firm’s systems.

CNA Admits Data Breach

In a recent data breach notification letter, the US-based insurance firm CNA Financial has admitted data theft affecting its customers. The firm has been sending these letters to the affected individuals, informing them of the incident.

As elaborated in the letters, CNA discovered that the breach happened in March this year, right before the ransomware attack. It appears that the attackers kept extracting data from the company systems at different times between March 5, 2021, and March 21, 2021.

During this time period, the threat actor copied a limited amount [of] information before deploying the ransomware.

Though, the firm found no evidence of misuse of this data since they swiftly recovered the information.

Specifically, the breached information includes personal details about the individuals, such as their names and Social Security numbers.

While this letter doesn’t state anything about the total number of affected individuals, a separate filing with Maine Attorney General mentioned 75,349 individuals suffered during this incident.

For the victims, the firm has offered a 24-month complimentary credit monitoring via Experian.

What Had Happened With CNA

Briefly, CNA Financial Corporation fell prey to a ransomware attack in March 2021. It turned that the firm had become a target of the Phoenix Cryptolocker ransomware gang. Following this incident, the company services went offline while the firm involved cybersecurity experts in investigating the matter.

Almost a month after, CNA confirmed full restoration of its services.

Yet, at that time, CNA assured that the incident didn’t affect external customers’ data.

However, it now turns out that it actually affected thousands of individuals.

Recently, the US chemical giant Brentagg also admitted a data breach affecting roughly 6000+ individuals following the ransomware attack.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Palo Alto Networks Patched A Pan-OS Vulnerability Under...

Apple Removed Numerous Apps From China App Store

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...

LayerSlider WordPress Plugin Vulnerability Affected Thousands Of Websites