18 May 2021

French insurance giant AXA hit by a ransomware attack


French insurance giant AXA hit by a ransomware attack

AXA’s Asia Assistance division has suffered a ransomware attack which impacted IT operations in Thailand, Malaysia, Hong Kong and the Philippines. The attack comes days after AXA, one of the world's biggest cyber insurance companies, announced it will stop paying for ransomware crime payments in France.

At the time AXA said that the decision was made in response to concerns aired by French justice and cybersecurity officials about the devastating global epidemic of ransomware.

The perpetrator behind the ransomware attack on AXA appears to be the Avaddon ransomware gang. In a dark web post the group claimed responsibility for the incident and said that they stole over 3 TB of data from the company, including ID cards, passport copies, customer claims, reserved agreements, denied reimbursements, payments to customers, contracts and reports, all customers IDs and all customers bank account scanned papers, customer medical reports (including HIV, hepatitis, STD, and other illness reports), and other info.

AXA has confirmed that the intruders may have stolen some information from its systems, but the company believes only data processed by Inter Partners Assistance in Thailand was accessed.

Earlier this month, the Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) have issued the alerts warning of an ongoing Avaddon ransomware campaign targeting organizations in a variety of sectors across the world.


Back to the list

Latest Posts

New LV ransomware is actually a tweaked REvil’s binary, researchers say

New LV ransomware is actually a tweaked REvil’s binary, researchers say

An analysis of the LV ransomware binary revealed that LV is a modified version of the REvil 2.03 beta binary.
24 June 2021
MITRE introduces D3FEND framework for tailoring defenses against cyber threats

MITRE introduces D3FEND framework for tailoring defenses against cyber threats

Funded by the US National Security Agency, the D3FEND framework is still in the experimental research phase.
24 June 2021
The European Commission proposes a joint security unit to counter “serious cyber incidents”

The European Commission proposes a joint security unit to counter “serious cyber incidents”

The Joint Cyber Unit will be operational by June 2022 and should be fully established by 2023.
24 June 2021