‘AON’ Insurance Giant struck by a Cyberattack during the Weekend
What is AON?
Professional services and insurance giant AON suffered a cyberattack that impacted a “limited” number of the company’s systems. AON is a multinational professional services firm offering a wide array of solutions, including business insurance, reinsurance, cybersecurity consulting, risk solutions, healthcare insurance, and wealth management products. The company generated $12.2 billion of revenue in 2021 and has approximately 50,000 employees spread across 120 different countries.
Weekend Cyberattack
AON disclosed in a Form 8-K filed with the Securities and Exchange Commission that it suffered a cyberattack on February 25th, 2022. Beyond confirming the attack, AON has provided no further information other than that it affected a limited number of its systems and occurred on Friday.
“On February 25, 2022, Aon plc (the “Company”) identified a cyber incident impacting a limited number of systems. Promptly upon its identification of the incident, the Company launched an investigation, and engaged the services of third-party advisors, incident response professionals, and counsel. The incident has not had a significant impact on the Company’s operations,” reads the Form 8-K filed by AON.
“Although the Company is in the early stages of assessing the incident, based on the information currently known, the Company does not expect the incident to have a material impact on its business, operations or financial condition.”
In addition to being an insurance broker, AON is also a prominent reinsurance company, meaning that it insures existing insurance companies. A source has also informed BleepingComputer that such attacks are common in the reinsurance industry. Additionally, it is common to receive data dumps of other insurers’ clients when underwriting a reinsurance policy. These factors make AON an appealing target for threat actors whose primary intention is to steal corporate data during cyberattacks.
In an interview with the REvil ransomware gang, the threat actors stated that insurers are “one of the tastiest morsels” because they provide lists of possible targets that are more likely to pay a ransom, since those targets have cyber insurance policies. Insurance giant CNA was also targeted in a ransomware attack in 2021 by the Evil Corp cybercrime syndicate. CNA reportedly paid a $40 million ransom to receive a decryptor and prevent its stolen data from being leaked.