A ransomware attack has hit French insurer Axa’s Asia Assistance division, affecting operations in Thailand, Malaysia, Hong Kong and the Philippines.

The attack compromised some data in Thailand, the firm stated, adding that the attack and its complete impact is currently under probe.

“Certain data processed by Inter Partners Asia (IPA) in Thailand has been accessed,” the insurer said.

However, it said that there is no indication of further data being breached. The firm said that it would notify all affected corporate clients and individuals.

Cyber criminals used Avaddon ransomware for the attack, reported the Financial Times citing a dark web post. Around three terabytes of data including customer medical records and claims, as well as bank documents were said to be stolen.

The firm has already notified regulators and business partners of the breach. A dedicated taskforce with external forensic experts is carrying out a probe into the matter.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

“AXA takes data privacy very seriously and if IPA’s investigations confirms that sensitive data of any individuals have been affected, the necessary steps will be taken to notify and support all corporate clients and individuals impacted,” the firm said.

The insurer recently decided to stop writing cyber-insurance policies in France that cover customers for extortion payments to ransomware attackers.

The move was in response to concerns raised by French justice and cybersecurity officials.

According to experts, France is the second worst-hit country across the globe after the US in terms of ransomware victims. The criminals often accumulate intelligence about potential targets beforehand such as whether their insurance will cover a ransom payment.

France’s total losses in damage from ransomware to businesses, hospitals, schools and local governments was over €4.5bn last year, as per the estimates of cybersecurity firm Emsisoft.