Cyber insurance giant AXA hit by ransomware attack after saying it would stop covering ransom payments

Well, this is awkward.

Graham Cluley
@gcluley

cyber insurance giant AXA hit by ransomware attack after saying it would stop covering ransom payments

Ouch.

One week after the French branch of cyber insurance giant AXA said that it would no longer be writing policies to cover ransomware payments, the company’s operations in Thailand, Malaysia, Hong Kong, and the Phillippines have reportedly been hit… by a ransomware attack.

As the Financial Times reports, the Avaddon ransomware gang posted on its website over the weekend that it had stolen 3 terabytes worth of data, including:

  • customers’ personally identifiable information, including scans of passports and ID documents
  • customers’ medical records, hospital bills, and claims

According to the FT, AXA says the compromised data was processed in a unit called Inter Partners Asia based out of Thailand, and that “there is no evidence that any further data was accessed.”

On its Facebook page, AXA Phillippines said that its MyAXA web portal was currently “experiencing technical issues”, and that customers with urgent concerns should phone the company’s customer care hotline.

Important advisory

The MyAXA web portal is currently inaccessible. We apologize for the inconvenience.

Please be assured that we are working on the issue. In the meantime, please reach out to your AXA financial partner for any inquiries or concerns. Thank you.

No information has been shared regarding how large a ransom the Avaddon gang are demanding from AXA, or whether AXA has ruled out paying a ransom or not.

Sign up to our newsletter
Security news, advice, and tips.

As I reported in March, some ransomware gangs have said that they specifically target firms who have cyber insurance (believing they are more likely to pay up)… before then hitting the insurance company itself.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

One comment on “Cyber insurance giant AXA hit by ransomware attack after saying it would stop covering ransom payments”

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.