Breach Notification , Incident & Breach Response , Security Operations

Insurer CNA Disconnects Systems After 'Cybersecurity Attack'

Investigation Continues; Law Enforcement Officials Notified
Insurer CNA Disconnects Systems After 'Cybersecurity Attack'

Insurance provider CNA reported Tuesday it was victimized over the weekend by a "cybersecurity attack" that caused a network disruption and affected certain systems, including corporate email.

See Also: OnDemand Webinar | Cloud applications: A Zero Trust approach to security in Healthcare

"Out of an abundance of caution, we have disconnected our systems from our network," the company says in a notice posted on its homepage. "We've notified employees and provided workarounds where possible to ensure they can continue operating and serving the needs of our insureds and policyholders to the best of their ability."

The company, which says the attack was discovered Sunday, has set up a phone number and new email for customers who need to file claims while its systems are not operational.

CNA says it has hired a forensics expert to handle the investigation and determine the full scope of the incident's impact. The company also notes it has alerted law enforcement officials.

The insurer did not immediately respond to Information Security Media Group's request for additional information.

Prime Targets

Chris Clements, vice president of solutions architecture for the security firm Cerberus Sentinel, says insurers and other service providers are prime targets for attacks.

"I expect to see service providers increasingly targeted by cybercriminals," he says "After all, why spend time trying to compromise a hundred different companies individually when you can compromise them all at once by targeting their provider?

Chicago-based CNA has 5,800 employees and generated $10.8 billion in revenue in 2020, according to Google Finance. It sells specialized property and casualty insurance products and services for businesses and professionals.

String of Attacks

CNA is one of several companies that have reported cyber incidents over the weekend.

Canadian IoT device manufacturer Sierra Wireless reported Tuesday it had suffered a ransomware attack over the weekend, forcing it to halt production. The company's website remained offline Wednesday afternoon.

Also over the weekend, PC maker Acer was reportedly hit by a ransomware attack.


About the Author

Doug Olenick

Doug Olenick

News Editor, ISMG

Olenick has covered the cybersecurity and computer technology sectors for more than 25 years. Prior to joining ISMG as news editor, Olenick was online editor for SC Media, where he covered every aspect of the cybersecurity industry and managed the brand's online presence. Earlier, he worked at TWICE - This Week in Consumer Electronics - for 15 years. He also has contributed to Forbes.com, TheStreet and Mainstreet.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.