Skip to content

CNA reports data leak affecting nearly 75,000 individuals

Following the ransomware attack insurance giant CNA face in March, the company is now notifying customers of a data breach stemming from the Phoenix Cryptolocker.

In a letter notifying customers of the breach, CNA revealed that “the threat actor accessed certain CNA systems at various times from March 5, 2021, to March 21, 2021”. According to the breach information filed with the office of Maine’s Attorney General the company reports that the data breach affected about 75,349 individuals. 

In an attempt to restore confidence and protect its customers the company is offering 24 months of complimentary credit monitoring and fraud protection through Experian’s IdentityWorks. CNA has also opened a toll-free hotline for people to enquire about the incident. 

In the News: Android users scammed of over $350,000 by nearly 200 crypto mining apps


Recovering from a major incident

In the attack carried on 21 March, Phoenix Cryptolocker threat actors encrypted about 15,000 devices since they deployed the ransomware payload on CNA’s systems. Even the remote workers’ systems that were logged into the company’s VPN were encrypted. 

The Pheonix Locker is believed to be developed by the Evil Corp hacking group based on code similarity. The FBI has been notified and is cooperating with CNA to help conduct their investigation. 

What is Ransomware? How to secure yourself against it

While the company was able to restore their servers and claimed to be a “fully-restored state”. Since then, after discovering the data breach and going through the files involved, the company discovered that stolen files contained personal information, including names and social security numbers. 

More specifically, the threat actor was able to access CNA’s servers between 5 March to 21 March and copied a ‘limited amount of information before the ransomware was actually deployed. 

CNA claims to have been “able to quickly recover that information and there was no indication that the data was viewed, retained or shared.”

In the News: Advances in AI lets legged robots adapt to new, challenging environments

Hello There!

If you like what you read, please support our publication by sharing it with your friends, family and colleagues. We're an ad-supported publication. So, if you're running an Adblocker, we humbly request you to whitelist us.

Share on facebook
Share on whatsapp
Share on twitter
Share on reddit
Share on linkedin
Share on pocket
Share on pinterest
Share on telegram
Share on stumbleupon
Share on digg
Share on tumblr
Share on email
Share on skype
Share on xing
Share on vk
Share on odnoklassniki
Share on mix








>