CNA,commercial lines insurer, reported that it has sustained a “sophisticated cybersecurity attack” that caused a network disruption and impacted certain CNA systems, including corporate email.
In a statement issued Tuesday evening, CNA said the attack affected certain systems, including corporate email. It also shut down the functionality of its website.
"Out of an abundance of caution, we have disconnected our systems from our network, which continue to function," the company said.
"We've notified employees and provided workarounds where possible to ensure they can continue operating and serving the needs of our insureds and policyholders to the best of their ability," said company's statement.
Upon learning of the incident on March 21, the insurer said it immediately engaged forensic experts to investigate and determine the full scope of this incident. That investigation is ongoing.
“We have alerted law enforcement and will be cooperating with them as they conduct their own investigation,” the company added in a statement.
As a precaution, CNA said it disconnected its systems from its network and provided workarounds where possible to ensure employees can continue operating and serving policyholders.
“The security of our data and that of our insureds’ and other stakeholders is of the utmost importance to us. Should we determine that this incident impacted our insureds’ or policyholders’ data, we’ll notify those parties directly,” the company said.