CNA Financial has recently suffered a cyberattack that seemingly impacted its numerous IT systems.

CNA is a U.S.-based insurance corporation with an organization employing more than  6000 workers.

Impacting CNA:

CNA Financial has since issued statements regarding the cyberattack by calling it a “sophisticated” cyberattack. 

The CNA has addressed the cyberattack on the organization’s official website stating that the attack, which took place on Sunday resulted in its network disorder and disruption. Some of the company’s IT systems had been affected in the cyberattack including the organization’s official corporate email framework. 

CNA investigations underway:

In a prompt response to the cyberattack,  the impacted systems were taken offline, and third-party law and forensics agencies have been engaged to carry out investigations regarding the cyberattack.

CNA Financial is yet to address the details about the nature of the cyberattack and hasn’t commented whether it was an attack involving ransomware or data theft or both.

Also read,

The company has ascertained that the systems have been taken offline to carry out a proper investigation of the cyberattack and that employees and workarounds have been notified accordingly.

“Should we determine that this incident impacted our insureds’ or policyholders’ data, we’ll notify those parties directly,” stated the company.

The news came after reputed sources reported the cyberattack, stating the official website of CNA had gone down and directly towards the possibility of network disruption due to cyberattack.

CNA cyberattack highlighting rampant cyber attacks:

Experts are of the opinion that big cyber insurance providers have become primary targets for threat actors as there are significant lucrative gains by attacking giant corporations.

Back in March 2020, Chubb, the global property, health, and casualty insurance provider organization, had reportedly fallen prey to a data leak attack by the Maze gang with Chub getting listed on Maze’s public-facing data leak website.

The aforementioned cyberattack incident sheds light on the fact that while the cyber insurance market has expanded exponentially, it sparks the conflict of whether cyber insurance encourages more ransomware attacks since it highlights an organization’s willingness to pay ransom to malicious actors.