Cybersecurity Insurance Company AXA Stops Covering Ransomware for French Companies and Then Gets Hit with an Attack

Posted on by Dawna M. Roberts in News June 09, 2021
https://content.infopay.net/storage/thumbnails/PPqM31hKiypVt7GWw75PoudCb49Zt0amuwhyEsdR.jpg

 In a perfect example of irony, cybersecurity insurance company AXA decides to stop covering ransomware payments and is hit with a ransomware attack a week later.

What Happened?

According to Graham Cluley, just one week after AXA, a huge cybersecurity insurance firm decided that they would “no longer be writing policies to cover ransomware payment,” offices in Thailand, Malaysia, Hong Kong, and the Philippines were hit hard with a ransomware attack.

Hot For Security reported that “AXA’s decision, which appears to be a first for the cyber insurance industry, will still reimburse companies for the cost of responding and recovering from a ransomware attack – but will not cover the often significant sums of cryptocurrency demanded by criminal gangs after they have compromised a network and encrypted or stolen data.”

They will continue to pay according to policies already in place. The change affects only new policies. Additionally, this change only affects ransomware payments in France, not other parts of the country. France is second to the U.S. in losses due to ransomware. Last year they paid out $5.5 billion to hacker gangs.

First reported by the Financial Times, “the Avaddon ransomware gang posted on its website over the weekend that it had stolen three terabytes worth of data, including:

  • Customer’s personally identifiable information (PII), including passport and I.D. documents. These can easily be used for identity theft and fraud. 
  • Customers’ medical records, hospital bills, and also claims.”

How Did AXA Respond?

The Financial Times noted that AXA said that the data came from a single location, Inter Partners Asia based out of Thailand. Their investigation showed that the hackers accessed no other information.

AXA Philippines posted a message to customers on its Facebook page saying that their MyAXA web portal was down due to technical issues. Anyone needing to speak with a representative should call the company’s hotline. The message reads:

“Important advisory
The MyAXA web portal is currently inaccessible. We apologize for the inconvenience.
Please be assured that we are working on the issue. In the meantime, please reach out to your AXA financial partner for any inquiries or concerns. Thank you.”

Unfortunately, there is no word yet how large a ransom the cybercriminals demanded or whether or not the cyber insurance giant will pay up. It is a common theme for gangs to target companies that carry cybersecurity insurance because hackers believe the payout will be larger and faster.

To Pay or Not to Pay

Whether or not to pay ransom to extortionists has become a hot potato around the globe. The U.S. is even toying with making it illegal to pay a ransom, and companies will face government sanctions if they do.

An Oxford professor and former head of the U.K.’s National Cyber Security Centre (NCSC), Ciaran Martin, believes that companies are essentially “funding organized crime by paying ransom.”

However, the argument for the other side is that it just makes sense in some cases. For example, Colonial Pipeline, whose operations were halted by a ransomware attack last week, immediately causing fuel shortages and increased oil prices. Colonial decided to pay the ransom so they could get back online and return to normal. It’s hard to argue with that logic when the devastation from a single attack sends ripples across the country.

To pay or not to pay has to be decided upon by each entity as it experiences the pain of ransomware. However, more insurance carriers are likely to follow as the losses from paying out ransom cannot be sustained for too long.
About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagram’s c... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien” is ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the country, ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% of the... Read More

FREE IDENTITY THREAT SCAN
Scan Your Records for Breaches, Leaks & Exposures!