International insurance coverage dealer Aon on Monday revealed that it’s investigating a cyber incident impacting a few of its programs.
In a quick assertion submitted to the U.S. Securities and Change Fee (SEC), Aon stated it detected a cyber incident on February 25. The investigation carried out till the SEC was notified confirmed that solely a “restricted variety of programs” have been impacted.
“The incident has not had a major impression on the Firm’s operations,” Aon stated.“Though the Firm is within the early phases of assessing the incident, based mostly on the data at the moment identified, the Firm doesn’t anticipate the incident to have a cloth impression on its enterprise, operations or monetary situation.”
Aon gives threat, insurance coverage, reinsurance, retirement, and well being options. The corporate has roughly 50,000 workers throughout 120 nations and an annual income of greater than $10 billion.
A lot of a majority of these disclosures are triggered by ransomware assaults, however that doesn’t seem like the case.
Aon has not shared any extra particulars in regards to the incident in its SEC submitting, however the firm informed SecurityWeek that this was not a ransomware assault — there was no encryption of recordsdata and the breach didn’t contain another kind of malware. At this stage in its investigation, the corporate has no concrete proof of particular information being impacted.
“The cyberattack on AON is a warning signal to each insurance coverage firm that they’re a preferred goal to risk actors. The precious information held by insurance coverage firms is a gorgeous goal for cyber criminals, which signifies that the trade has to be sure that they implement options which prevents information from being breached,” Sam Linford, VP Channel & MSSP EMEA at Deep Intuition, stated by way of electronic mail.
“AON have been in a position to restrict the impression of the assault to some programs resulting from appearing shortly and having a response methodology in place. Assaults on the insurance coverage trade can have a major impression on each prospects and workers because of the extremely delicate information they maintain. Subsequently, insurance coverage organisations should be certain that they’ve a cybersecurity answer which might cease the potential for their information being stolen.”
A number of main insurance coverage firms disclosed cybersecurity incidents final 12 months, together with AXA, CNA, and Pan-American Life.
*up to date with data that the incident didn’t contain ransomware
Associated: Legislation Enforcement Blowback, Cyber Insurance coverage Renewals Powering Anti-Ransomware Success
Associated: Courtroom Awards Merck $1.4B Insurance coverage Declare Over NotPetya Cyberattack
Associated: The Wild West of the Nascent Cyber Insurance coverage Trade
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He labored as a highschool IT trainer for 2 years earlier than beginning a profession in journalism as Softpedia’s safety information reporter. Eduard holds a bachelor’s diploma in industrial informatics and a grasp’s diploma in laptop methods utilized in electrical engineering.
Tags: