Credit: CC0 Public Domain
A March cyberattack that unopen down systems astatine Chicago-based security elephantine CNA exposed the idiosyncratic accusation of thousands of employees, contractors and policyholders, the institution revealed successful a Securities and Exchange Commission filing Monday.
More than 75,000 radical were affected by the hack, which revealed names, idiosyncratic recognition and Social Security numbers, according to a information breach notification filed with the Maine lawyer general's bureau successful July.
"We are not releasing further accusation beyond what is posted connected CNA.com and what was successful our caller filings," the institution said successful an emailed connection Tuesday.
CNA discovered the "sophisticated ransomware attack" connected March 21, with an probe revealing that the hackers accessed institution systems and copied a "limited magnitude of information" earlier deploying the ransomware, according to a July announcement posted by CNA. The institution said astatine the clip determination was "no denotation that the information was viewed, retained oregon shared."
In July, CNA notified the radical whose information was exposed and offered them 2 years of escaped recognition monitoring service.
The March cyberattack caused a web disruption that affected definite systems, including firm email. It besides unopen down the functionality of CNA's website, reducing it to a static display. CNA paid the hackers $40 cardinal to regain power of its systems, according to Bloomberg.
In its SEC filing Monday, CNA said it whitethorn beryllium taxable to "investigations, fines oregon penalties" arsenic good arsenic ineligible claims related to the information breach. The insurance company besides disclosed that its ain security policies whitethorn not screen imaginable damages.
"Although we support cybersecurity security sum insuring against costs resulting from cyberattacks (including the March 2021 attack), we bash not expect the magnitude disposable nether our sum and/or our sum argumentation to screen each losses," the institution said successful its filing. "Costs and expenses incurred and apt to beryllium incurred by the company successful transportation with the March 2021 onslaught see some nonstop and indirect costs and not each whitethorn beryllium covered by our insurance coverage."
CNA Financial, which has 5,800 employees worldwide, is 1 of the largest commercialized spot and casualty security companies successful the U.S., generating $10.8 cardinal successful gross past year, according to fiscal reports.
©2021 Chicago Tribune.
Distributed by Tribune Content Agency, LLC.
Citation: CNA cyberattack successful March exposed idiosyncratic accusation of much than 75,000 people, filings uncover (2021, November 3) retrieved 3 November 2021 from https://techxplore.com/news/2021-11-cna-cyberattack-exposed-personal-people.html
This papers is taxable to copyright. Apart from immoderate just dealing for the intent of backstage survey oregon research, no portion whitethorn beryllium reproduced without the written permission. The contented is provided for accusation purposes only.
English (US) ·