One week after the French branch of cyber insurance giant AXA said it would no longer write policies to cover ransom payments, the company’s operations in Thailand, Malaysia, Hong Kong and the Philippines were affected … by a ransomware attack.
Like Financial Times reports that the ransomware gang Avaddon posted on its website over the weekend that it had stolen data worth 3 terabytes, including:
- customer identity information, including scanning of passports and identity documents
- medical records of clients, hospital bills and claims
According to FT, AXA says that the compromised data was processed in a unit called Inter Partners Asia based outside Thailand, and that “there is no evidence of access to additional data”.
On its Facebook page, AXA Phillippines said that its web portal MyAXA is currently “experiencing technical problems” and that customers with urgent problems should call the company’s customer service hotline.
The MyAXA web portal is currently unavailable. We apologize for the inconvenience.
Please be sure that we are working on this. In the meantime, please contact your AXA financial partner for any inquiries or concerns. Thank you.
There is no shared information on how much ransom the Avaddon gang wants from AXA or whether AXA has excluded the ransom payment or not.
As I reported in March, some gangsters said they targeted companies that have cyber insurance (believing they are more likely to pay) … before hitting the insurance company itself.
Did you find this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.