US Insurance giant CNA Financial paid a $40 million ransom following a cyberattack

CNA Financial, one of the largest US insurance companies, paid $40 million as ransom following a cyberattack that occurred in March 2021, according to a report from Bloomberg. Two people familiar with the attack, who asked not to be named because they weren’t authorized to discuss the matter publicly, provided some details.

“According to the two people familiar with the CNA attack, the company initially ignored the hackers’ demands while pursuing options to recover their files without engaging with the criminals. But within a week, the company decided to start negotiations with the hackers, who were demanding $60 million. Payment was made a week later, according to the people.”

In a security incident update published on May 12, 2021, CNA said it did “not believe that the systems of record, claims systems, or underwriting systems, where the majority of policyholder data – including policy terms and coverage limits – is stored, were impacted.”

CNA is not commenting on the ransom.

Read more about it here.

Indonesia’s government confirms social security data breach for some citizens

Personal data of 270 million Indonesians was allegedly leaked and sold on a hacker platform this month, Indonesian authorities said on May 20, 2021.

A user who goes by the handle Kotz posted samples of data belonging to Indonesian citizens on the hacker forum “Raid Forums”. The leaked records include names, citizenship identity numbers, residential addresses, and phone numbers of one million Indonesian citizens. A spokesman for the Communication and Information Ministry said that it was probing 100,002 samples, far fewer than claimed. The spokesman, Mr. Dedy Permadi, also said the data, such as card numbers, family information and payment status, was allegedly “identical” to that held by the Healthcare and Social Security Agency, BPJS Kesehatan, which runs Indonesia’s universal healthcare program.

The Healthcare and Social Security Agency, BPJS Kesehatan, is investigating the possible source of the leak.

Read more about it here.

Cyberattack shuts down US Colonial Pipeline

A cyberattack forced the shutdown of one of the largest pipelines in the United States, the Colonial Pipeline facility. The pipeline carries gasoline, diesel and jet fuel over 5,500 miles from Texas to New York, and moves about 45% of all fuel consumed on the East Coast. The incident did not cause immediate disruptions because of reduced energy demand due to the ongoing COVID-19 pandemic.

“In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our I.T. operations,” reads a statement issued by the company.

Russian criminal group DarkSide is suspected to be responsible for the attack.

Read more about it here.