• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • Latest News
  • About Us
    SEARCH
Compliance, Latest News, Network Security, News

Insurance Giant CNA Knocked Offline By ‘Sophisticated’ Cyber Attack

Insurance company CNA's website says the company has disconnected its systems from its network as it investigates the attack.

March 26, 2021 Zachary Comeau Leave a Comment

CNA Cyber Attack

The onslaught of attacks against the IT and cybersecurity industry continues, and this time it’s the cyber insurance market that is coming under attack as insurance giant CNA said it was the victim of a sophisticated attack.

In a message posted to its website, the company said it sustained a “sophisticated cybersecurity attack” on March 21, which caused a network disruption and impacted certain internal systems, including the firm’s email.

After discovering the intrusion, engaging a team of third-party investigators and alerting law enforcement, the company disconnected its systems from its network, which is still functional.

Employees were provided workarounds where possible to keep the firm somewhat operational in the meantime.

“The security of our data and that of our insureds’ and other stakeholders is of the utmost importance to us,” the firm said in the message, which also included contact information and steps to file claims while the firm mitigates the threat. “Should we determine that this incident impacted our insureds’ or policyholders’ data, we’ll notify those parties directly.”

Insurance Chief: Cybersecurity Now the #1 Business Risk

Here is the full message from the firm:

On March 21, 2021, CNA determined that it sustained a sophisticated cybersecurity attack. The attack caused a network disruption and impacted certain CNA systems, including corporate email.

Upon learning of the incident, we immediately engaged a team of third-party forensic experts to investigate and determine the full scope of this incident, which is ongoing. We have alerted law enforcement and will be cooperating with them as they conduct their own investigation.

Out of an abundance of caution, we have disconnected our systems from our network, which continue to function. We’ve notified employees and provided workarounds where possible to ensure they can continue operating and serving the needs of our insureds and policyholders to the best of their ability.

The security of our data and that of our insureds’ and other stakeholders is of the utmost importance to us. Should we determine that this incident impacted our insureds’ or policyholders’ data, we’ll notify those parties directly.

We have established the following dedicated email inboxes to meet the needs of our insureds and policyholders:

To report a new claim, please contact: 1.877.262.2727, Option 2. For all other losses, please email (not fax) all new losses to ClaimFNOLbackup@cna.com. For distribution and underwriting support, please contact one of the following:

  • Commercial: CommercialUnderwritingbackup@cna.com
  • Specialty: SpecialtyUnderwritingbackup@cna.com

For U.S. Operations, please contact one of the following or call:

  • Direct Bill: 1.877.276.7507
  • Agent Customer Service: 1.877.574.0540
  • Policy Service: policyservicebackup@cna.com
  • Billing and Collections: billingandcollectionsbackup@cna.com

We are committed to keeping you apprised of the latest developments. Thank you for your patience.

Bleeping Computer, citing the Insurance Information Institute, said CNA is the sixth largest commercial insurance company in the U.S., and offers a wide range of insurance products, including cyber insurance.

Attacking a cybersecurity insurer could give threat actors valuable data and a list of potential targets that could be more likely to pay a ransom. However, we currently know very little about this attack, including if it is even a ransomware attack.

This also illustrates how threat actors are evolving and targeting big companies with valuable data on hundreds of thousands of smaller companies. We saw this with the compromise of SolarWinds and Microsoft Exchange Server, which combined led to the compromise of tens of thousands of organizations.

Related Content:

  • Belkin Reengineers BOOSTCHARGE PRO 3-in-1 Wireless Charging Stand…
  • Blue Yonder Recognized as a Finalist for the…
  • Confluent Recognized as the Winner of 2022 Microsoft…
  • Cadence Expands Collaboration with Arm to Accelerate Mobile…

Free downloadable guide you may like:

  • Windows 11Blueprint Series: Upgrading to Windows 11

    Upgrading end users to Windows 11 could be one of the most challenging tasks IT has to face in the coming years. Although the new version is touted to provide many benefits, including some important security enhancements, when and how to roll out the upgrade will vary significantly by organization.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Windows 11
Blueprint Series: Upgrading to Windows 11

Upgrading end users to Windows 11 could be one of the most challenging tasks IT has to face in the coming years. Although the new version is touted...

The State of the IT Department in 2022

The role of the IT professional has shifted from one that supports the business to one that is deserving of a seat at the table when it comes to ma...

Hybrid Work Challenges
The Three Most Common Hybrid Work Challenges Two Years Into the Pandemic

Many of us have been working in a hybrid environment for two years now. Our editors thought this would be a good time to take a look at what’s work...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2022 Emerald X, LLC. All rights reserved.