AXA under ransomware attack
Bleeping Computer colleagues recently reported that the Avaddon ransomware group claimed on their website that they have stolen around 3TB of sensitive data from the Asian servers of the insurance giant AXA which, in particular, covers countries like Malaysia, Thailand, Hong Kong. and Philippines. Furthermore, a Distributed Denial of Service (DDoS) attack appears to have been conducted on the brand's international servers.Photo credit - depositphotos .com According to reports directly from Avaddon, the stolen data includes medical documents, complaints , payments, scanned documents relating to bank accounts, material reserved for doctors and hospitals, identification documents (identity cards, passports, driving licenses, etc.), medical bills and more of many of the company's customers. The group stated that AXA has only ten days to contact and cooperate, otherwise the data will be disseminated online.
AXA, contacted directly by Bleeping Computer for comment on the matter, said:
Asia Assistance was recently the victim of a targeted ransomware attack that impacted its IT operations in Thailand, Malaysia, Hong Kong and the Philippines. As a result, it was possible to access some data processed by Inter Partners Assistance (IPA) in Thailand. At present, there is no evidence that other data has been consulted beyond IPA in Thailand. A dedicated task force with external forensic experts is investigating the incident. Regulators and business partners have been informed. AXA takes data privacy very seriously and if IPA's investigations confirm that any individual's sensitive data has been affected, steps will be taken to inform and support all involved.
Unfortunately, as we have reported to you on more than one occasion over the last few weeks, it seems that attacks of this type are now on the agenda and, just today, we reported that the DarkSide group, after attacking Colonial Pipeline, it targeted Toshiba.
At the moment, AXA has not provided any comment regarding the ransom requested by Avaddon.
On Amazon you can find the 32GB kit of G. Skill Trident Z RGB DDR4-3600 at a very attractive price.
Ransomware attack hits 4 Asian countries of AXA subsidiary
A targeted ransomware attack hit four countries among the Asian operations of Axa Partners, the international subsidiary of Axa insurance group, with some data in Thailand accessed, Axa Partners says
ByThe Associated Press
May 17, 2021, 11:19 AM
• 2 min read
Share to FacebookEmail this articlePARIS -- A targeted ransomware attack hit four countries among the Asian operations of Axa Partners, the international subsidiary of Axa insurance group, with some data in Thailand accessed, Axa Partners said.
The attack and its full impact were being investigated. If the investigation “confirms that sensitive data of any individuals have been affected, the necessary steps will be taken to notify and support all corporate clients and individuals impacted,” the company said a brief statement Sunday. It noted the attack was recent, but did not specify when exactly it occurred.
The ransomware attack impacted information technology operations in Thailand, Malaysia, Hong Kong and the Philippines, the statement said. “As a result, certain data processed by Inter Partners Asia (IPA) in Thailand has been accessed,” it said.
The statement added that “regulators and business partners have been informed.”
News of the Asia attack was first reported by the Financial Times, which said that cybercriminals using ransomware called Avaddon stole data that included customer information, medical records and claims. Hospital and doctors’ information was also filched, the FT reported.
AXA, among Europe’s top five insurers, said this month that it will stop writing cyber-insurance policies in France that reimburse customers for extortion payments made to ransomware criminals. The Paris-based group said it was suspending the option in France only in response to growing concern that such reimbursements encourage cyber criminals to demand ransom from companies they prey on, crippling them with malware. Once victims of ransomware pay up, criminals provide software keys to decode the data.
The top victims of ransomware are in the United States, followed by France, experts say. The extent of damage, and payouts, in Asian countries was not immediately clear.
Ransomware attacks returned to headlines this month after hackers struck the United States’ largest fuel pipeline, the Colonial Pipeline, and the company shut it down for days to contain the damage.