[BreachExchange] Insurance Broker Aon Discloses Cyberattack

Terrell Byrd terrell.byrd at riskbasedsecurity.com
Thu Mar 3 10:19:17 EST 2022


https://www.govinfosecurity.com/insurance-broker-aon-discloses-cyberattack-a-18647


Global insurance broker Aon has disclosed in a filing with the U.S.
Securities and Exchange Commission that the company suffered a cyber
incident that it says affected a limited number of systems.

"On February 25, 2022, Aon plc. identified a cyber incident impacting a
limited number of systems. Promptly upon its identification of the
incident, the company launched an investigation, and engaged the services
of third-party advisors, incident response professionals, and counsel," the
company says.

The multinational firm says there is currently no indication of a breach of
any customer information or confidential corporate information.

Investigation Underway
Aon's 8-K filing says that it is in the early stages of assessing the
incident. It says it does not expect the incident to have a material impact
on its business, operations or financial condition.

A spokesperson for Aon did not immediately confirm if the incident was a
ransomware attack, but directed Information Security Media Group to the SEC
filing. Aon has not yet provided more details of the attack. The company
only says that the attack occurred last week and affected a limited number
of systems.

Aon is a global professional services company offering a broad spectrum of
risk, retirement, cybersecurity consulting, wealth management products and
healthcare solutions. The company generated around $12.2 billion in revenue in
2021 and has more than 50,000 employees in 120 countries, according to its
website.

An unnamed spokesperson for Aon reportedly told Security Week that the
incident was not a ransomware attack, there was no encryption of files and
the breach did not involve any other type of malware.

Sam Linford, vice president, Channel and MSSP, EMEA, at cybersecurity firm
Deep Instinct, says: "Aon were able to limit the impact of the attack to a
few systems due to acting quickly and having a response method in place.
Attacks on the insurance industry can have a significant impact on both
customers and employees due to the highly sensitive data they hold.
Therefore, insurance organizations must ensure that they have a
cybersecurity solution which can stop the possibility of their data being
stolen."

Insurance Sector an Active Target
Last year, the insurance company CNA Financial Corp. acknowledged that a
cyber incident it suffered in March 2021 had been a ransomware attack and
that it had notified 75,000 individuals that their data may have been
compromised (see: CNA Discloses Breach Related to March Ransomware Attack).

Personal information that may have been compromised during that incident
included names, Social Security numbers and in some instances, health
benefits information, CNA said in a formal notice on the incident. The
majority of individuals being notified were current and former employees,
contract workers and their dependents.

CNA reportedly paid a $40 million ransom after the ransomware attack.

In May 2021, Asia Assistance, a subsidiary of Paris-based multinational
insurance company AXA, was hit by a ransomware attack that affected its IT
operations in Thailand, Malaysia, Hong Kong and the Philippines (see:
Ransomware Attack Hits Asian Unit of Insurer AXA).

Tokio Marine, a Japan-based property and casualty insurer, said its Tokio
Marine Insurance Singapore unit had been hit by a ransomware attack in
August 2021 (see: Insurer Tokio Marine Hit by Ransomware).