CNA Financial has suffered a cyberattack and the insurance giant's corporate email system is offline, CNA has disclosed. The attack's overall impact is undisclosed, and CNA did not mention whether ransomware-oriented malware was involved in the attack.
CNA has hired third-party forensics experts to investigate the attack and determine the full scope of the incident, the insurance company said. CNA did not disclose the name of the forensics company, nor did the insurance firm mention if an MSSP (managed security services provider) is involved in the recovery effort.
CNA Cyberattack Details: Company Statement
The CNA statement, posted on the company's website, stated in part:
"On March 21, 2021, CNA determined that it sustained a sophisticated cybersecurity attack. The attack caused a network disruption and impacted certain CNA systems, including corporate email.
Upon learning of the incident, we immediately engaged a team of third-party forensic experts to investigate and determine the full scope of this incident, which is ongoing. We have alerted law enforcement and will be cooperating with them as they conduct their own investigation.
Out of an abundance of caution, we have disconnected our systems from our network, which continue to function. We’ve notified employees and provided workarounds where possible to ensure they can continue operating and serving the needs of our insureds and policyholders to the best of their ability.
The security of our data and that of our insureds’ and other stakeholders is of the utmost importance to us. Should we determine that this incident impacted our insureds’ or policyholders’ data, we’ll notify those parties directly."
CNA Cyberattack and Email Outage: How to Reach the Insurance Company
Amid the corporate email outage, CNA is recommending these communication pipelines for customers and policy holders. The pipelines include:
For U.S. Operations, customers can use these options:
CNA vowed to keep customers updated on the situation. As of March 25 at 8:45 a.m. ET, the company has neither disclosed the scope of the outage nor the potential recovery time.