Arthur J Gallagher (AJG), US-based insurance brokerage confirms a ransomware attack that appears to have impacted only a “limited portion” of its system.
Arthur J Gallagher (AJG), US-based insurance brokerage confirms a ransomware attack that appears to have impacted only a “limited portion” of its system.
AJG is one of the largest insurance brokers with more than 33,300 employees and is ranked 429 on the Fortune 500 list. Gallagher provides insurance, risk management, and consulting services to businesses, communities, and people across the world.
Gallagher said that the ransomware attack was detected on September 26, 2020.On Monday, all systems with subsidiary Gallagher Bassett Services Inc. we're shut down. On Tuesday, the unit’s website remained offline.
"We promptly took all of our global systems offline as a precautionary measure, initiated response protocols, launched an investigation, engaged the services of external cybersecurity and forensics professionals, and implemented our business continuity plans to minimize disruption to our customers," the brokerage said in a filing with the U.S. Securities and Exchange Commission (SEC).
Gallagher said that it has restarted or in the process of restarting most of its business systems.
Gallagher added that the companies are “in the early stages of assessing the incident ” and that “based on the information currently known, we do not expect the incident to have a material impact on our business, operations or financial condition."
According to Troy Mursch, chief research officer at cybersecurity intelligence firm Bad Packets, AJG had two F5 BIG-IP servers vulnerable to CVE-2020-5902 initially before the ransomware attack.
The company did not explain if any customer or employee data was accessed or exfiltrated by the attackers. However, still, there are high possibilities for data being stolen depending on the ransomware group that was behind the attack.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?