AXA Partners, a subsidiary of the French insurance giant, announced on Sunday that it had been the victim of a cyberattack in Asia. The incident affected the IT operations of Asia Assistance in Thailand, the Philippines, Malaysia and Hong Kong.
Cybercriminals have used ransomware, such as the spectacular attack by the Darkside hacker group on the Colonial pipeline in the United States.
But to date, only “certain data operated by Inter Partners Asia in Thailand has been intercepted,” the company said in a statement. “There is no proof for the moment that other data could have been.”
AXA Partners is the structure dedicated to the development of the group’s international assistance partnerships. Regulators and the company’s business partners have been made aware of the incident. An investigation was opened, with the support of outside experts.
“If the investigation confirms that anyone’s sensitive data has been affected, the necessary steps will be taken to prevent and support all business customers and affected individuals,” the company added.
Medical and financial data
AXA Partners does not give details on the nature of the data stolen. But according to a post published on the dark web by a group of cybercriminals, spotted by the “Financial Times”, information on the identity of certain customers (passports, identity cards) would have been stolen, but also financial data, hospital bills, medical reports or information on hospital staff.
The revelation of this cyberattack comes amid debate in France on the response of insurers to this type of incident, while ransomware-type attacks have exploded in recent months. Computer security experts believe that paying ransoms to hackers in ransomware attacks encourages these practices.