CNA Financial's reported $40M ransom payment likely a record

Cybersecurity Dive

Samantha Schwartz

Dive Brief:
Insurance company CNA Financial reportedly paid its attackers $40 million following a ransomware attack disclosed in March, Bloomberg reported Thursday.

The company worked with federal law enforcement and followed guidance from the Department of Treasury's Office of Foreign Assets Control (OFAC), a CNA spokesperson told Cybersecurity Dive. "Due diligence efforts concluded that the threat actor responsible for the attack is a group called Phoenix," which is not on OFAC's list of prohibited entities.

CNA said in March the company disconnected its systems from its networks to contain the threat. The company's security team deployed additional endpoint detection and monitoring tools. CNA confirmed the threat actor was...
