Notice: amp_is_available was called incorrectly. `amp_is_available()` (or `amp_is_request()`, formerly `is_amp_endpoint()`) was called too early and so it will not work properly. WordPress is currently doing the `pre_get_posts` hook. Calling this function before the `wp` action means it will not have access to `WP_Query` and the queried object to determine if it is an AMP response, thus neither the `amp_skip_post()` filter nor the AMP enabled toggle will be considered. It appears the theme with slug `publisher` is responsible; please contact the author. Please see Debugging in WordPress for more information. (This message was added in version 2.0.0.) in /home/runcloud/webapps/techilive/wp-includes/functions.php on line 5313
Axa’s Asian operations hit in ransomware attack - TechiLive.in

Axa’s Asian operations hit in ransomware attack

0

Insurance group Axa said one of its Asian business units has been the victim of a “targeted ransomware attack”, after a group of cyber criminals claimed to have seized troves of sensitive data from the company.

Axa Partners, an international arm of the Paris-based insurer, said on Sunday that parts of its Asian operations were “recently the victim of a targeted ransomware attack which impacted its operations in Thailand, Malaysia, Hong Kong, and the Philippines”.

In an apparent first for the industry, Axa said last week that it would suspend the writing of cyber insurance policies that refund the cost of ransom payments made to cyber cartels. The move, which was limited to the group’s French customers, came as insurers have been blamed by some officials for encouraging companies to pay out by offering such reimbursements.

Loading...

A person familiar with the matter said the ransomware attack happened before Axa’s decision to change its approach.

Confirmation of the attack from Axa came after cyber criminals using ransomware called Avaddon said on Saturday that they had hacked the group’s Asia operations and stolen three terabytes of data, in a dark web post seen by the Financial Times.

The post said the data were taken from its units in Thailand, the Philippines, Hong Kong and Malaysia, and included customers’ personally identifiable information, medical records and claims, as well as data from hospitals and doctors.

Loading...

It also included screenshots of IDs and passport pages, bank documents, hospital bills, and medical records of patients’ personal health conditions that the hackers appeared to be sharing as proof that they had compromised the company.

The affected operations sit within Asia Assistance, which provides emergency support services, including health, to other parts of the group. Axa Partners said data processed in a Thailand unit, Inter Partners Asia, had been compromised, adding “there is no evidence that any further data was accessed”.

“A dedicated task force with external forensic experts is investigating the incident,” the company added, saying regulators and business partners have been informed.

Loading...

Axa said if it was the case that “sensitive data of any individuals have been affected, the necessary steps will be taken to notify and support all corporate clients and individuals impacted”.

AXA Philippines said on its Facebook page that it was having “technical issues” with its Emma by AXA PH app, its MyAXA web portal and its corporate website.

News of the hack comes a week after the high-profile ransomware hack of a crucial US pipeline caused East Coast fuel shortages. Ransomware attacks typically seize control of victims’ data or computer systems, only to release it if they pay a fee.

Loading...

Like many cyber criminal cartels, Avaddon maintains the ransomware, and also rents it out to others via an affiliate programme, taking a cut of any proceeds from attacks. According to cyber security experts at Malwarebytes, the FBI last week issued a warning that an unnamed group was using Avaddon to escalate attacks against US and foreign private sector companies, manufacturing groups and healthcare agencies.

The Colonial Pipeline hack has reignited the debate over whether there should be a blanket ban on victims paying ransom. Both the White House and the FBI advise against paying extortion fees, arguing that it only provides an incentive for more blackmail activities and funds criminal activity.

However, some cyber security experts argue that organisations have little choice, and a ban could push the gangs towards more vulnerable targets, such as hospitals.

Loading...

A typical cyber insurance policy would cover the ransom itself, services following the attack and data restoration or business interruption costs.

The latter is one of the “huge drivers” sending prices for cyber insurance higher, according to Sarah Stephens, head of cyber for the international division at insurance broker Marsh. The ease of launching attacks had caused an “epidemic” of ransomware incidents, she said.

Cyber insurance prices have surged in recent months as insurers pass on higher claims, with Aon, another broker, saying in March that big insurers were anticipating 20 per cent to 50 per cent rate increases throughout 2021. 

Loading...

With additional reporting by Stefania Palma in Singapore and Primrose Riordan in Hong Kong and David Keohane in Paris

Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook

Loading...

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Education News Click Here 

 For the latest news and updates, follow us on Google News

Loading...

Read original article here

Denial of responsibility! TechiLive.in is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – admin@techilive.in. The content will be deleted within 24 hours.

Leave a comment