Insurer AXA hit by ransomware attack

Attack comes just a week after AXA announced  it would no longer include reimbursement for ransomware payments in their cyber-insurance policies in France

Global insurance firm AXA recently reported a number of their branches in Asia have been on the receiving end of a ransomware attack.

IT operations in Thailand, Malaysia, Hong Kong and the Philippines were targeted and three terabytes of data have been compromised, including a range of medical reports, bank statements and ID cards.

According to cyber criminals who claimed responsibility for the hack, a ransomware called Avadoon was used and copies of two passports were offered as proof of the attack.

The websites of several AXA businesses were also subjected to a distributed denial-of-service (DDoS) attack that made accessing these sites impossible.

This attack comes just a week after AXA announced that it would no longer include reimbursement for ransomware payments in their cyber-insurance policies in France.

AXA have not yet discussed the ransom amount or if they are going to pay. Avadoon said AXA has 240 hours to cooperate with their demands or the group will release vital documents from the insurer.

The AXA attack is just one in a long line of high-profile ransomware hacks that have disestablished major enterprises and essential utilities, such as the attack one the US pipeline that led to fuel shortages across the East Coast. As a result of cyber attacks, insurance policies that cover cyber are being pushed higher.

The insurance company said in a statement to the Financial Times that data processed in a Thailand unit had been compromised: “There is no evidence that any further data was accessed. A dedicated task force with external forensic experts is investigating the incident. [If] sensitive data of any individuals have been affected, the necessary steps will be taken to notify and support all corporate clients and individuals impacted”.