Cyber insurance giant AXA hit by ransomware attack after saying it would stop covering ransom payments

Well, this is awkward.

cyber insurance giant AXA hit by ransomware attack after saying it would stop covering ransom payments

Ouch.

One week after the French branch of cyber insurance giant AXA said that it would no longer be writing policies to cover ransomware payments, the company’s operations in Thailand, Malaysia, Hong Kong, and the Phillippines have reportedly been hit… by a ransomware attack.

As the Financial Times reports, the Avaddon ransomware gang posted on its website over the weekend that it had stolen 3 terabytes worth of data, including:

  • customers’ personally identifiable information, including scans of passports and ID documents
  • customers’ medical records, hospital bills, and claims

According to the FT, AXA says the compromised data was processed in a unit called Inter Partners Asia based out of Thailand, and that “there is no evidence that any further data was accessed.”

On its Facebook page, AXA Phillippines said that its MyAXA web portal was currently “experiencing technical issues”, and that customers with urgent concerns should phone the company’s customer care hotline.

Axa facebook

Important advisory

The MyAXA web portal is currently inaccessible. We apologize for the inconvenience.

Please be assured that we are working on the issue. In the meantime, please reach out to your AXA financial partner for any inquiries or concerns. Thank you.

No information has been shared regarding how large a ransom the Avaddon gang are demanding from AXA, or whether AXA has ruled out paying a ransom or not.

Sign up to our free newsletter.
Security news, advice, and tips.

As I reported in March, some ransomware gangs have said that they specifically target firms who have cyber insurance (believing they are more likely to pay up)… before then hitting the insurance company itself.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “Cyber insurance giant AXA hit by ransomware attack after saying it would stop covering ransom payments”

  1. Chris Edwards

    Did they have insurance for that? :-)

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.