CNA revealed it sustained a cyberattack on Sunday evening which caused network disruption and impacted certain systems, including corporate email. Currently, it is not clear if the company’s data has been affected.
In a statement issued Tuesday, CNA revealed it sustained a “sophisticated cybersecurity attack" on Sunday evening which caused network disruption and impacted certain CNA systems, including corporate email.
In response, the company has disconnected its systems from its network “out of an abundance of caution," according to its statement, currently displayed on CNA's homepage.
“Upon learning of the incident, we immediately engaged a team of third-party forensic experts to investigate and determine the full scope of this incident, which is ongoing," the statement said. “We have alerted law enforcement and will be cooperating with them as they conduct their own investigation."
Currently, it is not clear if the company's data has been affected. The notice also provides instructions for policyholders to submit claims and request billing and underwriting support, as well as a contact phone number for independent agents.
“We've notified employees and provided workarounds where possible to ensure they can continue operating and serving the needs of our insureds and policyholders to the best of their ability," the statement added. “Should we determine that this incident impacted our insureds' or policyholders' data, we'll notify those parties directly."
Independent Agent magazine requested further guidance for independent agents and brokers during the outage but CNA declined to comment. At this time, CNA's systems remain offline and the company has not issued any further information regarding Sunday's cyberattack.
CNA, which has 5,800 employees worldwide, is one of the largest commercial property-casualty insurance companies in the U.S. generating $10.8 billion in revenue last year.
Will Jones is IA editor-in-chief.