Months after suffering a devastating ransomware attack, the American insurance giant CNA has disclosed a data breach. The incident affected thousands of individuals as the attackers extracted data before deploying the ransomware on the firm’s systems.
CNA Admits Data Breach
In a recent data breach notification letter, the US-based insurance firm CNA Financial has admitted data theft affecting its customers. The firm has been sending these letters to the affected individuals, informing them of the incident.
As elaborated in the letters, CNA discovered that the breach happened in March this year, right before the ransomware attack. It appears that the attackers kept extracting data from the company systems at different times between March 5, 2021, and March 21, 2021.
During this time period, the threat actor copied a limited amount [of] information before deploying the ransomware.
Though, the firm found no evidence of misuse of this data since they swiftly recovered the information.
Specifically, the breached information includes personal details about the individuals, such as their names and Social Security numbers.
While this letter doesn’t state anything about the total number of affected individuals, a separate filing with Maine Attorney General mentioned 75,349 individuals suffered during this incident.
For the victims, the firm has offered a 24-month complimentary credit monitoring via Experian.
What Had Happened With CNA
Briefly, CNA Financial Corporation fell prey to a ransomware attack in March 2021. It turned that the firm had become a target of the Phoenix Cryptolocker ransomware gang. Following this incident, the company services went offline while the firm involved cybersecurity experts in investigating the matter.
Almost a month after, CNA confirmed full restoration of its services.
Yet, at that time, CNA assured that the incident didn’t affect external customers’ data.
However, it now turns out that it actually affected thousands of individuals.
Recently, the US chemical giant Brentagg also admitted a data breach affecting roughly 6000+ individuals following the ransomware attack.