CNA warns customers it suffered a major data breach Data Breach
After falling victim to a ransomware attack earlier this year, CNA Financial has begun notifying its customers of a data breach that occurred as a result of the attack.
Back in March the insurance company’s systems were infected with the Phoenix Locker ransomware which cybersecurity experts believe is a new ransomware family developed by the infamous Russian cybercriminal group Evil Corp.
Now though, CNA has revealed that 75,349 of its customers were affected by a data breach which proceeded the ransomware attack.
In a data breach notification sent out to affected customers, CNA explained that the cybercriminals behind the attack copied some information from its systems before deploying their ransomware, saying:
“The investigation revealed that the threat actor accessed certain CNA systems at various times from March 5, 2021 to March 21, 2021. During this time period, the threat actor copied a limited amount information before deploying the ransomware. However, CNA was able to quickly recover that information and there was no indication that the data was viewed, retained or shared. Therefore, we have no reason to suspect your information has or will be misused.”
Stolen information
After investigating which files were stolen during the attack, CNA discovered that they contained the personal information of its customers including their names and Social Security Numbers.
According to a new report from BleepingComputer, the news outlet spoke with sources familiar with the attack who told it that the cybercriminals that deployed the Phoenix Locker ransomware were able to encrypt over 15,000 devices connected to CNA’s network. At the same time though, the attackers also encrypted the computers of CNA employees working from home who were logged into its VPN during the breach.
In order to protect its customers whose information was obtained during the data breach, CNA will be offering them 24 months of free identity theft protection and credit monitoring from Experian IdentityWorks.
In addition to notifying its customers about the ransomware attack and data breach, CNA has also notified the FBI and the company is working closely with law enforcement as they conduct their own investigation into the matter.
Via BleepingComputer
After falling victim to a ransomware attack earlier this year, CNA Financial has begun notifying its customers of a data breach that occurred as a result of the attack. Back in March the insurance company’s systems were infected with the Phoenix Locker ransomware which cybersecurity experts believe is a new…
Recent Posts
- NYT Strands today — hints, answers and spangram for Wednesday, May 15 (game #73)
- Android apps will soon let you use your face to control your cursor
- Meta will shut down its Teams competitor Workplace next year
- Watch the Google I/O 2024 Developer keynote live
- Google might’ve just teased its new Smart Glass project but don’t call it Google Glass
Archives
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011