U.S. insurance giant CNA Financial reportedly paid $40 million to a ransomware gang to recover access to its systems following an attack in March, making it one the most expensive ransoms paid to date.
The development was first reported by Bloomberg, citing “people with knowledge of the attack.” The adversary that staged the intrusion is said to have allegedly demanded $60 million a week after the Chicago-based company began negotiations with the hackers, culminating in the payment two weeks following the theft of company data.
In a statement shared on May 12, CNA Financial said it had “no evidence to indicate that external customers were potentially at risk of infection due to the incident.”
The attack has been attributed to new ransomware known as ‘Phoenix CryptoLocker,’ according to a March report from Bleeping Computer, with the strain believed to be an offshoot of WastedLocker and Hades, both of which have been utilized by Evil Corp, a Russian cybercrime network notorious for launching ransomware attacks against several U.S. entities, including Garmin, and deploying JabberZeus, Bugat and Dridex to siphon banking credentials.
In December 2019, U.S. authorities sanctioned…