Chicago-based CNA Financial, one of the country’s largest insurance providers, has been hit by a cyber attack that’s left its website out of action and many network systems disrupted.
The insurance firm is the sixth-largest in the US and offers an extensive range of products, including policies against cyber attacks.
On March 21, the firm revealed it sustained a sophisticated cyber security attack.
“The attack caused a network disruption and impacted certain CNA systems, including corporate email,” the company statement read.
“Upon learning of the incident, we immediately engaged a team of third-party forensic experts to investigate and determine the full scope of this incident, which is ongoing. We have alerted law enforcement and will be cooperating with them as they conduct their own investigation.”
It added that it disconnected systems from its network, “out of an abundance of caution,” notified employees, and provided workarounds where possible to ensure they can continue operating.
“The security of our data and that of our insureds ’and other stakeholders is of the utmost importance to us. Should we determine that this incident impacted our insureds’ or policyholders’ data, we’ll notify those parties directly,” said the company.
CNA has also set up several email addresses to keep in contact with policyholders.
According to The Insurer, a publication serving the insurance industry, CNA’s network may be out of commission for a while, with the attack mainly impacting the underwriting and claims side of its business.
According to a tweet by Joshua Motta, CEO of security firm Coalition, there are rumors that the incident could be a ransomware attack. He added this could be a “nightmare scenario if cyber insurance policyholder data [is] compromised.”
Such data could give hackers information on how much money insurers could payout if a policyholder is attacked in the future. That would mean a hacker has more leverage over a victim, as they know how much money the insurer would pay out as a ransom. Such data could allow hackers to prioritize victims with larger or more comprehensive insurance policies.
CNA hasn’t yet revealed any further details of the attack or any lost or stolen data.
-
Cleo attack victim list grows as Hertz confirms customer data stolen – and security experts say it won't be the lastNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackersNews Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Healthcare systems are rife with exploits — and ransomware gangs have noticedNews Nearly nine-in-ten healthcare organizations have medical devices that are vulnerable to exploits, and ransomware groups are taking notice.
-
Alleged LockBit developer extradited to the USNews A Russian-Israeli man has been extradited to the US amid accusations of being a key LockBit ransomware developer.
-
February was the worst month on record for ransomware attacks – and one threat group had a field dayNews February 2025 was the worst month on record for the number of ransomware attacks, according to new research from Bitdefender.
-
CISA issues warning over Medusa ransomware after 300 victims from critical sectors impactedNews The Medusa ransomware as a Service operation compromised twice as many organizations at the start of 2025 compared to 2024
-
More than 300,000 US healthcare patients impacted in suspected Rhysida cyber attacksNews Two US healthcare organizations have warned threat actors were able to breach their internal systems, exposing more than 300,000 individuals.
-
‘It’s your worst nightmare’: A batch of €5 hard drives found at a flea market held 15GB of Dutch medical records – and experts warn it could’ve caused a disastrous data breachNews Robert Polet made a startling discovery after finding hard drives on sale for €5 each in a flea market.
