AXA Thailand hit by ransomware attack - sensitive customer data compromised

[webfact]

Photo credit: Data Breach Today

 

A subsidiary of French insurance firm AXA has been hit by a ransomware attack affecting operations in Thailand and several other Asian countries.

 

"Asia Assistance was recently the victim of a targeted ransomware attack which impacted its IT operations in Thailand, Malaysia, Hong Kong, and the Philippines," the company said in a statement. 

 

"Certain data processed by Inter Partners Asia (IPA) in Thailand has been accessed," the statement read.

 

The company said it would "notify and support all corporate clients and individuals impacted".

 

The Financial Times first reported the attack, adding that it came after cyber criminals using ransomware called Avaddon said on Saturday that they had hacked the group’s Asia operations and stolen three terabytes of data, in a dark web post seen by the newspaper.

 

Cybersecurity site Data Breach Today reported that some of the data compromised includes ID cards, bank account statements, customer medical reports including documents exposing sexual health diagnoses, claim forms, payment records, contracts and medical reports on HIV, sexually transmitted diseases and other illnesses, the attackers’ leak site states.

 

Earlier this month, AXA announced it would stop writing cyber-insurance policies in France that reimburse customers for extortion payments made to ransomware criminals.

 

-- © Copyright Thai Visa News 2021-05-18

 

- Whatever you're going through, the Samaritans are here for you

- Follow Thaivisa on LINE for breaking COVID-19 updates

[ThailandRyan]

So much sensitive Data locked away now, that until this gets resolved they will not even be able to process Insurance claims for the customers.  Wonder what the ransom cost was.  and wonder if they used a standalone computer as a back-up or stored the information in a secured location to where they can restore the information easily if needed.  I know easier said than done.  Someone opened up an e-mail or went to a site which allowed the hackers to get into the system, either that or it was easily entered.

[Excel]

2 minutes ago, ThailandRyan said:

So much sensitive Data locked away now, that until this gets resolved they will not even be able to process Insurance claims for the customers.  Wonder what the ransom cost was.  and wonder if they used a standalone computer as a back-up or stored the information in a secured location to where they can restore the information easily if needed.  I know easier said than done.  Someone opened up an e-mail or went to a site which allowed the hackers to get into the system, either that or it was easily entered.

Huge problems worldwide now. Strangely last week I started the process of reverting back to not keeping anything in "the cloud" either.  Downloading TBs of info to my own hard drives again and I will then only access any sensitive info I need from my spare pc not connected to the internet.  Full circle after 30 years I guess.

[ThailandRyan]

41 minutes ago, Excel said:

Huge problems worldwide now. Strangely last week I started the process of reverting back to not keeping anything in "the cloud" either.  Downloading TBs of info to my own hard drives again and I will then only access any sensitive info I need from my spare pc not connected to the internet.  Full circle after 30 years I guess.

unfortunately that's what's needed. external drive used as a back up, thumbprint verification as well as 2 step verification.  just reset the GF's phone to add the different features for her as well as adding a VPN.  Back-up numbers also set on a separate phone i keep locked up.

[Rampant Rabbit]

52 minutes ago, Excel said:

Huge problems worldwide now. Strangely last week I started the process of reverting back to not keeping anything in "the cloud" either.  Downloading TBs of info to my own hard drives again and I will then only access any sensitive info I need from my spare pc not connected to the internet.  Full circle after 30 years I guess.

I never  have or ever  would  store  anything anywhere than on my own equipment. Too  much reliance on cloud  storage.

[John Drake]

And your insurance rates just went up.

[Peterw42]

7 minutes ago, Rampant Rabbit said:

I never  have or ever  would  store  anything anywhere than on my own equipment. Too  much reliance on cloud  storage.

A ransomware attack usually means "your" computer (and any attached storage) is locked and requires a ransom. 

Storing data elsewhere (cloud) is a positive step to avoid the ramifications of a ransomware attack.

Unless Onedrive, googledrive, dropbox etc become victims off a ransomware attack, Your data is safer, an always accessible, in the cloud.

[Enzian]

What about just tell Russia to put a stop to this or the cold war is restarted? They could do it. It's all coming from Russia and eastern Europe to entities outside those areas, at least according to the media. 

[Ken Jones]

sure hope they dont punish my "status" bars might not let me in

[Srikcir]

4 hours ago, Enzian said:

What about just tell Russia to put a stop to this or the cold war is restarted? They could do it. It's all coming from Russia and eastern Europe to entities outside those areas, at least according to the media. 

And/or North Korea?

[OJAS]

6 hours ago, Peterw42 said:

Unless Onedrive, googledrive, dropbox etc become victims off a ransomware attack, Your data is safer, an always accessible, in the cloud.

 

"Unless Onedrive, googledrive, dropbox etc become victims off a ransomware attack"

 

A big "if" (or, more to the point, "if not"), I think.

 

"always accessible"

 

Provided that your internet connection doesn't go down when you need to access your "cloud" data, of course.

[Susco]

7 hours ago, ThailandRyan said:

just reset the GF's phone to add the different features for her as well as adding a VPN.  Back-up numbers also set on a separate phone i keep locked up.

 

And you all did that just now? Amazing

 

Your GF must have a very high ranking function in a multinational

[Enzian]

1 hour ago, Srikcir said:

And/or North Korea?

I thought about that though it seems the Russia-East Europe is the one we are hearing about lately; and you gotta start somewhere. And we are already in a cold war w/ North Korea, at least in their minds. This is not a topic I follow, not my area at all, but I would hope and expect the CIA "Intelligence" community is doing some overtime on this that can't be discussed; anyone know?

[Rampant Rabbit]

8 hours ago, Peterw42 said:

A ransomware attack usually means "your" computer (and any attached storage) is locked and requires a ransom. 

Storing data elsewhere (cloud) is a positive step to avoid the ramifications of a ransomware attack.

Unless Onedrive, googledrive, dropbox etc become victims off a ransomware attack, Your data is safer, an always accessible, in the cloud.

I control what is and isn't  opened.

[RichardColeman]

Funny that Thailand appears to be under attack both digitally and biologically by the same people flogging them vaccines

[mbenson]

It doesn't sound like a ransomware attack unless the hackers asked for money to return the data and promise not to leak it. Who would trust them and pay?

 

I just read the Data Breach article and they did say they would not leak the data if they were paid a fee. However the article contradicts itself saying that data was stolen and then saying that the software that was used encrypts the data and ransom results in getting info that enables decrypting the data. It sounds to me that it was data theft not encryption.

The article further states that some of the malware that these guys use detects whether the systems are in stated of the former Soviet Union by checking the language packs that are installed. This was also true of the malware used in the pipeline company attack in USA.

Edited May 18, 2021 by mbenson
corrected errors

[metisdead]

A post that was posted in the wrong topic has been removed. 

[unblocktheplanet]

Really, really, really hard to work up crocodile tears for any greedy insurance scammers. They soooo deserve it!