fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

US Insurance Giant AJG Reports Data Breach After Ransomware Attack

US Insurance Giant AJG Reports Data Breach After Ransomware Attack

Arthur J. Gallagher (AJG), a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September.

“Working with the cybersecurity and forensic specialists to determine what may have happened and what information may have been affected, we determined that an unknown party accessed or acquired data contained within certain segments of our network between June 3, 2020 and September 26, 2020,” AJG said.

As one of the largest insurance brokers in the world, AJG has over 33,300 employees and its operations span 49 countries.

The company is also ranked 429 on the Fortune 500 list, and it reportedly provides insurance services to customers from more than 150 countries.

Also Read: The 5 Phases of Penetration Testing You Should Know

Personal, financial, and health information exposed in the attack

While AJG didn’t say in the SEC filing announcing the ransomware attack if any customer or employee data was accessed or stolen by the attackers, a subsequent investigation found multiple types of sensitive information stored on systems breached during the incident.

The types of information discovered on compromised systems during the review include: “Social Security number or tax identification number, driver’s license, passport or other government identification number, date of birth, username and password, employee identification number, financial account or credit card information, electronic signature, medical treatment, claim, diagnosis, medication or other medical information, health insurance information, medical record or account number, and biometric information.”

To further illustrate the types of sensitive data that might’ve gotten accessed in the incident, AJG says in its privacy policy that it collects the following info from customers:

  • personal details (e.g., name, date of birth);
  • contact details (e.g., phone number, email address, postal address or mobile number);
  • government-issued identification details (e.g., social security and national insurance numbers, passport details);
  • health and medical details (e.g., health certificates);
  • policy details (e.g., policy numbers and types);
  • bank details (e.g., payment details, account numbers, and sort codes);
  • driving license details;
  • online log-in information (e.g., username, password, answers to security questions);
  • information relating to any claims;
  • other information received from applications or required questionnaires (e.g., occupation, current employer);

AJG is now notifying data regulatory authorities and all potentially impacted individuals (7,376 according to information provided to the Office of Maine’s Attorney General) as required by law.

The company is also warning affected individuals of identity theft risks and recommends keeping an eye out for unusual activity on their account statements and credit reports.

While Gallagher is not aware of any attempted or actual misuse of the impacted information, Gallagher is providing access to credit monitoring services for twenty-four months through Kroll to individuals whose personal information was affected by this incident, at no cost to these individuals. — AJG

AJG shut down all systems to block the attack

AJG said in an 8-K filing with the U.S. Securities and Exchange Commission (SEC) on September 28, 2020, that only a limited number of its internal systems were affected by the ransomware attack.

“We promptly took all of our global systems offline as a precautionary measure, initiated response protocols, launched an investigation, engaged the services of external cybersecurity and forensics professionals, and implemented our business continuity plans to minimize disruption to our customers,” AJG said.

Also Read: Got Hacked? Here Are 5 Ways to Handle Data Breaches

The company didn’t reply to any of BleepingComputer’s attempts to reach out for more info on how the attackers breached its network.

However, Bad Packets’ chief research officer Troy Mursch said they had two F5 BIG-IP servers on their network vulnerable to CVE-2020-5902 before the ransomware attack.

At the moment, the ransomware gang behind this attack is still unknown. Still, more than 20 different ransomware operations are known to first steal sensitive files from victims’ servers before deploying their payloads.

This stolen data is used as leverage to force compromised organizations into paying ransoms under the threat of gradually leaking the info.

In some cases, the ransomware gangs are also increasing the ransom until the entire batch of stolen files is leaked on sites specifically designed for this exact purpose.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us