CNA Financial Corporation Data Breach

2021-07-16 13:43:00
data breach,CNA corporation,data breach at CNA corporation
NOTICE: If you are a current or former customer or employee of CNA Financial Corporation (“CNA”) and received a NOTICE OF DATA BREACH, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options.

Stock image of computer softwareIn March 2021, CNA experienced a data breach and ransomware attack. An unknown “threat actor” accessed and copied 75,349 customers’ files that contained personal information including names and Social Security numbers.  The cyber attacker copied this highly sensitive employee and customer personal information while deploying ransomware.

The cyberattacker used the Phoenix CryptoLocker, created by Evil Corp, to infect over 15,000 devices connected to CNA’s network. Bloomberg News reports that the Chicago-based company paid the attackers $40 million to regain control of its network. 

What information was involved? 

On July 9, 2021, CNA began providing written notice to individuals notifying them of the data breach that occurred from March 5 to 21, 2021. The notice letters include the following affected information:

  • First and last names
  • Social Security Numbers
  • Past and current customers’ information
  • Past and present employees’ information
  • Past and present contract workers’ information
  • Employees’ dependents’ information

Headquartered in Chicago, Illinois, CNA is one of the largest commercial property and casualty insurance companies in the United States. It provides a broad range of standard and specialized property and casualty insurance products and services for businesses and professionals in the U.S., Canada, and Europe.

NOTICE: If you are a current or former customer or employee of CNA Financial Corporation and received a NOTICE OF DATA BREACH, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options.