Leadway Assurance Company Limited says it has deployed “mitigation measures” after it detected a breach in its system by hackers who have threatened to leak customers’ data.
On Sunday, the ALPHV ransomware group, also known as BlackCat, threatened to leak data allegedly stolen from the insurance firm.
In a tweet, ALPHV said the data was obtained from the network of “Leadway Assurance, Leadway Capital & Trusts, Leadway Hotels Limited, Leadway Pensure, and Leadway Asset management”.
The notorious gang said the companies were hacked due to their weak security systems.
“All of these companies had critical vulnerabilities and trivial security breaches that led to them being hacked. We have stolen 15 databases containing personal information about customers, over one thousand passports of employees, as well as company contracts, NDAs,” BlackCat tweeted.
“This is only part of the stolen data, if management does not contact us soon, we will publish all.”
In a statement to TheCable, Leadway Assurance admitted that its network was attacked, but said mitigation measures were deployed immediately.
The firm also activated its “continuity plan” protect proprietary data.
A continuity plan is a company’s system of procedures meant to restore critical business functions in the event of an unplanned disaster. These disasters could include natural disasters, cyberattacks, service outages, or other potential threats.
“We detected a potential threat to our network and have promptly deployed mitigation measures. Our preliminary investigation into this criminal intrusion indicates that this attack was successfully contained,” the organization said.
“We have initiated our business continuity plan to ensure that proprietary information and data are secured. We would like to notify you that our essential operations have been restored and we are working tirelessly to ensure minimal disruptions to our operations.
“Protecting our customers’ data remains a top priority as we have done in the last five decades. We have and will continue to strengthen our network to ensure total protection from external intrusion.”
Leadway Assurance also encouraged all its customers to “ignore any unsolicited correspondence from any channel” different from its officially designated channels of communication “during this period”.
“In the meantime, while our team is adhering to all regulatory requirements, we will continue to provide updates to all our stakeholders,” the insurance firm added.
ALPHV, like most other ransomware groups, encrypts and steals data, with the goal of extorting the victim by threatening to release the stolen information.
Available literature suggests that ALPHV gained prominence in 2021 as one of the first ransomware groups to use the Rust programming language and the first to create a search for specific data stolen from its victims.
Other victims of the group include Bandai Namco, a the Japanese video game publisher; Swissport, an aviation company; and the Munster Technological University (MTU) in Ireland. (The Cable)
