AXA Hit by Ransomware Attack in Asia

Insurance group AXA is the latest victim of cyberattacks after hackers claimed to have seized three terabytes worth of sensitive data in Asia.

International insurance arm AXA Partners was a recent victim of a «targeted ransomware attack», according to a statement, which impacted its operations in Thailand, Malaysia, Hong Kong and the Philippines.

AXA said the cyberattack targeted its Asia Assistance Division and that it would notify corporate clients and individuals if found to be affected. 

«As a result, certain data processed by Inter Partners Asia (IPA) in Thailand has been accessed,» the Paris-based insurer said on Sunday, adding that there is no evidence of further data access. 

Avaddon

According to a «Financial Times» report citing a dark web post by the alleged cybercriminals, AXA was attacked by ransomware called «Avaddon» which can compromise data through theft, encryption the threat of it being publicized.

Three terabytes of data were stolen from units in Thailand, the Philippines, Hong Kong and Malaysia, the post said, including screenshots of customer identity cards, passports, bank documents, hospital bills and medical records. 

Cyber Insurance

Last week, AXA also said it would suspend the writing of insurance policies that refund the cost of random payments from cyberattacks, an offering limited to the group’s French customers. 

According to the «FT» report citing unnamed sources, the decision to make the change occurred after AXA’s ransomware attack. 

Financial Sector Cybersecurity

Financial firms continue to grapple with the challenges of increasing digital adoption while managing cybersecurity risks.

According to a recent report, more than 100 financial firms have been victims of distributed denial-of-service attacks – a method of overloading a web system with requests in order to cause operational failure – by the exact same threat actor. 

Separately, the FBI issued a warning last week about unidentified cyber actors using Avaddon to attack U.S. and foreign private sector companies, manufacturing organizations and healthcare agencies.