CNA Says Email Now Safe As Cyber Attack Recovery Progresses

CNA Insurance expects its corporate email and other functions to be fully operational soon as it continues its recovery efforts following a March 21 cyber attack. In an April 1 security update, the company said it is now safe to conduct business and communicate with the insurer via email.

“We are well into the restoration phase and making significant progress across our internal systems to return our environment to a fully operational state,” the commercial lines insurer said in an online statement.

CNA said it reestablished email functionality that is protected by multi-factor authentication and a security platform to help detect and block email threats.

“Based on our forensic investigation to-date, our forensic experts have confirmed that the malware used by the Threat Actor in the CNA environment, including the ransomware, does not contain the ability to automatically spread to any internal or external systems. Also, additional security software has been deployed in the CNA environment,” the company stated.

The company has created dedicated email inboxes for insureds, agents, claimants and operations.

The insurer said it has been following a phased approach – containment, remediation, restoration, a forensic examination, and a thorough data review process.

“We have also activated our business continuity plans to ensure our stakeholders are supported throughout our ongoing investigation,” the company said.

The company said it will notify “any impacted parties” as appropriate once its investigation is complete.