IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

French insurer AXA suffers ransomware attack in Asia

Cyber criminals claim to have stolen 3TB of data including medical records and passport screenshots

Insurance group AXA has confirmed that one of its Asian business units has experienced a cyber attack, with a criminal group stating it used Avaddon ransomware to do so.

“Asia Assistance was recently the victim of a targeted ransomware attack which impacted its IT operations in Thailand, Malaysia, Hong Kong, and the Philippines. As a result, certain data processed by Inter Partner Assistance (IPA) in Thailand has been accessed,” a spokesperson for Axa Partners, the international arm of the company, told IT Pro in a statement. 

The company said there was no evidence that any further data was accessed beyond IPA in Thailand and added that a dedicated taskforce with external forensic experts is investigating the incident.

“AXA takes data privacy very seriously and if IPA’s investigations confirms that sensitive data of any individuals have been affected, the necessary steps will be taken to notify and support all corporate clients and individuals impacted,” it added.

Cyber criminals using Avaddon ransomware said on Saturday they had hacked the group’s Asian operation and stolen 3TB of data, in a dark web post seen by the Financial Times.

Related Resource

The definitive guide to IT security

Protecting your MSP and your customers

The definitive guide to IT security for MSPs - whitepaper from LiongardDownload now

The post outlined that the information stolen included customers’ personally identifiable information, medical records and claims. It also included ID and passport screenshots, bank documents, hospital bills and patient medical records.

At the beginning of May, AXA announced it would stop writing cyber insurance policies in France that reimburse customers for extortion payments made to ransomware criminals, as reported by the AP. It said it was suspending the option in response to concerns from French justice and cyber security officials on the increase of ransomware globally.

This ransomware attack follows the Colonial Pipeline incident in the US that occurred last week, where the Georgia-based company reportedly paid a $5 million ransom in virtually untraceable cryptocurrency to try and fix its computer systems after being targeted by DarkSide. The hackers sent the firm a decryption tool to fix its systems but this was apparently too slow to fix problems, leaving the company relying on backups to restore systems.

Featured Resources

Accelerating healthcare transformation through patient-centred medtech solutions

Seize the digital transformation opportunities to streamline patient care and optimise patient outcomes

Free Download

Big payoffs from big bets in AI-powered automation

Automation disruptors realise 1.5 x higher revenue growth

Free Download

Hyperscaler cloud service providers top ten

Why it's important for companies to consider hyperscaler cloud service providers, and why they matter

Free Download

Strategic app modernisation drives digital transformation

Address business needs both now and in the future

Free Download

Recommended

UK and Japan strike digital partnership to collaborate on IoT security, semiconductors
Policy & legislation

UK and Japan strike digital partnership to collaborate on IoT security, semiconductors

7 Dec 2022
Why Japan finds it so hard to digitally transform
digital transformation

Why Japan finds it so hard to digitally transform

1 Dec 2022
MSG giant Ajinomoto's chipmaking foray helps break financial records
Business strategy

MSG giant Ajinomoto's chipmaking foray helps break financial records

30 Nov 2022
India to trial digital rupee from December 2022
digital currency

India to trial digital rupee from December 2022

30 Nov 2022

Most Popular

Empowering employees to truly work anywhere
Sponsored

Empowering employees to truly work anywhere

22 Nov 2022
Larger monitors aren't all they're cracked up to be
monitors

Larger monitors aren't all they're cracked up to be

3 Dec 2022
Defra's legacy software problem 'threatens' UK gov cyber security until 2030
Business strategy

Defra's legacy software problem 'threatens' UK gov cyber security until 2030

6 Dec 2022