Insurance giant AXA has been hit by a ransomware attack just days after dropping its ransomware insurance policies.
Last week, AXA said it would be dropping ransomware insurance policies that would give organisations a payout in the event they were hacked and subsequently extorted by cybercriminals.
Now, in what can only be construed as a cruel, almost comedic turn of events, AXA itself has been hit by a ransomware attack, with the company’s Asian branches targeted.
AXA’s branches in Thailand, Malaysia, Philippines and Hong Kong have been hit by a ransomware attack, with hackers claiming they have accessed more than 3-terabytes of sensitive data.
Included in that trove of data, according to the hackers, are customer medical reports – which is also said to expose their sexual health problems – as well as identification documents, bank account statements, payment records, contracts and details of individual claims.
In addition to the ransomware attack, AXA has also been hit by a series of distributed denial of service (DDos) attacks on its global websites that made the insurance giant’s website completely inaccessible for a number of hours.
A ransomware group by the name of Avaddon has taken responsibility for the ransomware attacks launched against AXA, just days after the company announced it would stop underwriting policies that included payouts in the event of a ransomware attack.
AXA Hit by Ransomware Attack Days After Dropping Ransomware Insurance
The group told AXA that the insurance giant has around 10 days to get in contact and meet their demands, otherwise risking the publication of massive amounts of sensitive information on their customers.
AXA has responded to the claims, telling Bleeping Computer that there is “no evidence” to suggest that data beyond one of its Thai operations was accessed.
“Asia Assistance was recently the victim of a targeted ransomware attack which impacted its IT operations in Thailand, Malaysia, Hong Kong and the Philippines.”
The insurer continued to explain that “a dedicated taskforce with external forensic experts is investigating the incident. Regulators and business partners have been informed.”
“As a result, certain data processed by Inter Partners Assistance (IPA) in Thailand has been accessed. At present, there is no evidence that any further data was accessed beyond IPA in Thailand.
“AXA takes data privacy very seriously and if IPA’s investigations confirm that sensitive data of any individuals have been affected, the necessary steps will be taken to notify and support all corporate clients and individuals impacted,” the company spokesperson said.
AXA is yet to address any specific demands of the hacking group Avaddon.