Global insurance giant AXA revealed that several of its businesses in Asia have been hit by a “targeted ransomware attack”, with the attackers claiming to have gained possession of a large amount of sensitive data.
AXA Partners revealed on Sunday that the cyberattack has affected its operations in several Asian markets, namely Thailand, Malaysia, Hong Kong and the Philippines, according to a report by the Financial Times.
AXA was attacked by a group called Avaddon, which said it was able to steal three terabytes of sensitive customer data, the report said, citing a dark web post made by the hackers. The data included personally identifiable information, including medical records, claims records, and customer IDs.
According to AXA, it formed a “dedicated task force” with the help of external forensic experts to deal with the aftermath of the attack, and it has already notified regulators and business partners of the issue.
The attack comes roughly a week after AXA announced it would stop offering reimbursement for ransomware payments in its cyber insurance policies. The move would initially apply to its home market of France, but AXA said it planned to expand it to its operations worldwide.
Insurers reimbursing ransomware payments have been criticised by officials from various sectors, who allege that it encourages victimised companies to pay the ransom, which, in turn, drives the growth of the global ransomware industry.
However, the FT report cited an anonymous source, which said that the ransomware attack happened before AXA announced its decision to stop paying ransom.
Aside from allegedly encouraging the illicit industry, paying ransomware may also cause increases in cyber insurance premiums.
According to global brokerage Aon, cyber insurance prices have rapidly risen in the past few months. In March, it said that major insurers are looking at 20% to 50% increases in cyber rates for 2021.