American Family Insurance (AmFam), one of the country’s leading insurance giants, has recently experienced a severe cyberattack. This attack led to the shutdown of critical portions of its IT infrastructure. This article delves into the incident and its impact.
A Closer Look at American Family Insurance
AmFam is a prominent insurance company with a focus on a wide range of insurance offerings, including commercial and personal property, casualty, auto, and life insurance. They also provide investment and retirement planning services. With a considerable workforce of 13,000 employees and a substantial 2022 revenue of $14.4 billion, AmFam is a significant player in the insurance industry.
Confirmation of Cyberattack
AmFam recently confirmed that they detected unusual activity within their network. In response, they swiftly initiated precautionary measures to safeguard their data and resources. This included the shutdown of several vital business systems.
An AmFam spokesperson conveyed, “This week, the technology teams at American Family Insurance detected unusual activity in a portion of our network. We quickly took precautionary measures to protect data and resources and shut down several business systems. We recognize the system outages are impacting customers, agents, and employees and we appreciate their patience and understanding.”
Ongoing Investigation
AmFam’s investigation into the cyberattack is ongoing and involves both internal and third-party experts. Encouragingly, they have not identified any compromises to critical business systems, customer data processing, or data storage. Several essential components of their enterprise continue to operate without interruption.
AmFam aims to bring its systems back online as the investigation progresses and safety is assured.
Impact of the Attack
Since the onset of the attack, AmFam has been grappling with IT outages affecting multiple facets of their operations. These outages have disrupted the company’s phone service, building connectivity, and online services. Notably, the attack also affected other tenants in the same building due to the shutdown of internet connectivity by AmFam.
Customers have reported difficulties in paying bills or filing claims online. The company’s website displayed messages notifying visitors of the service outage and urging them to reach out via phone instead. Messages such as “We are currently experiencing a service outage” and guidance on claims and payments via phone have been prevalent.
Potential Ransomware Connection
While the exact nature of the cyberattack remains undisclosed, it exhibits characteristics often associated with ransomware attacks that have become increasingly prevalent in the corporate world. Ransomware attacks often occur over the weekend when network activity is lower, making detection less likely.
Typically, during these attacks, threat actors infiltrate the network, exfiltrate data, and encrypt devices. Subsequently, victims are presented with ransom notes, threatening data leakage unless a ransom is paid.
As the situation unfolds, it’s critical for AmFam to resolve the issues swiftly and implement robust security measures to prevent similar incidents in the future.
