Tokio Marine a Japanese insurance firm hit by Ransomware Attack

A Japanese multinational insurance company ‘Tokio Marine’ hit by ransomware attack this week in its Singapore branch. Tokio Marine Insurance is the market leader and largest property/casualty insurance firm in Japan. The mere number of its customers is a strong reason for hackers to have targeted the firm for the attack, giving them access to massive financial information.

Tokio Marine ransomware attack and its modus operandi

The loophole and the process of the attack is yet to be identified, however the firm had isolated the affected systems immediately to avoid further spread of the ransomware. Tokio Marine authorities have also reported the government agencies and other respective authorities.

The company has brought in a third party cybersecurity investigation firm to identify the extent of the attack and data breach metrics. The company spokesperson has claimed that the attack hasn’t affected their customer or employee information, but this can only be assured after the investigation is completed.

Tokio Marine and other insurance company in the ransomware radar

Tokio Marine is the second insurance firm this week after Ryan Specialty Group that has been hit by ransomware attacks. Also there have been more insurers that fell victim to ransomware attacks this year including CNA Financial Corporation from the US, AXA branches from Thailand, Hong Kong, Malaysia and Philippines. Almost 3TB data was stolen in the AXA attack.

Here is a statement from a REvil representative about targeting insurance firms, Dmitry Smilyanets is the one interviewing the REvil unknown.

“Yes, this is one of the tastiest morsels. Especially to hack the insurers first—to get their customer base and work in a targeted way from there. And after you go through the list, then hit the insurer themselves” – Unknown, REvil representative

The Tokio Marine Ransomware attack is another wake up call for insurance firms to recheck their security protocols and procedures.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, Instagram, Twitter and Reddit.