It caused network disruption and impacted corporate emails
Commercial insurance provider CNA Hardy was hit by a “sophisticated” ransomware attack on 21 March, which impacted its operations and email system.
The firm issued a statement regarding the online attack on its website.
This said: “On 21 March, CNA determined that it sustained a sophisticated cyber security attack.
”The attack caused a network disruption and impacted certain CNA systems, including corporate emails.
“Upon learning of the incident, we immediately engaged a team of third-party forensic experts to investigate and determine the full scope of this incident, which is ongoing.
“We have alerted law enforcement and will be cooperating with them as they conduct their own investigation.
“Out of an abundance of caution, we have disconnected our systems from our network, which continues to function.
”We’ve notified employees and provided workarounds where possible to ensure [staff] can continue operating and serving the needs of our insureds and policyholders to the best of their ability.
“The security of our data and that of our insureds and other stakeholders is of the utmost importance to us.
”Should we determine that this incident impacted our insureds’ or policyholders’ data, we’ll notify those parties directly.”
CNA Hardy added that it has established a series of contacts and email addresses for insureds and policyholders to use if they wish to have more information on the event and the possible ramifications.
Insurance Times has contacted the firm for further comment.