Insurance group Axa is victim of a ransomware attack in Asia

The French insurance group Axa has confirmed that it has been the victim of a targeted ransomware attack in Southeast Asia. Axa Partners, the international arm of the Paris-based insurance company, said on Sunday that operations in Thailand, Malaysia, Hong Kong and the Philippines have been affected. The Financial Times previously reported about this ransomware attack.

According to this, a group of cyber criminals called Avaddon has the Axa partner in Asia attacked and three Tbytes of data stolen. This emerged from a post on the dark web that the Financial Times saw. The data comes from the four previously mentioned Asian countries and includes personal data of customers, medical records and insurance claims as well as data from hospitals and doctors. Avaddon published parts of this data as evidence of their ransomware attack.

Axa herself explained aloud Reuters, that the Cyber ​​attack targeting “Asia Assistance Division” would have. IT operations in Thailand, Malaysia, Hong Kong and the Philippines are affected. According to the insurance company, it has informed its customers and the authorities.

Just ten days ago, Axa temporarily stopped its own special insurance offers against ransomware attacks and is making a loud statement Associated Press no new policies of this type more out. In France – and only there – customers could insure themselves against such blackmail attempts at Axa in order to get reimbursement for ransom money paid and other damage caused by it.

Axa had been criticized for this insurance offer because it would induce insured companies to willingly pay a ransom, as it would be reimbursed by the insurance company. Government agencies and specialists, however, advise against paying to ransomware extortionists and have welcomed that Axa has discontinued this insurance offer.

Existing ransomware insurance contracts are not affected and will continue to run, according to Axa. The latest ransomware attack on Axa partners in Asia is said to have taken place only after Axa stopped offering new ransomware insurance in France.


To home page