CNA Insurance said it continues to make progress in restoring its operations following a March 21 cyber attack.

Today it announced that, including CNA Central and, are back online.

This means that CNA’s small business agents and brokers may now obtain quotes through CNA Central, and surety agents can access to issue surety bonds through the online application.

“We are working diligently to restore full functionality to all site portals,” the company said on its website.

The company said that should it learn that insured or policyholder data has been affected, it will notify those parties directly.

In an April 1 security update, the company said it is safe to conduct business and communicate with the insurer via email. CNA said it reestablished email functionality that is protected by multi-factor authentication and a security platform to help detect and block email threats. The company has created dedicated email inboxes for insureds, agents, claimants and operations.

The insurer has indicated that the attack included ransomware. However it said its forensic experts have confirmed that the malware used by the attacker, including the ransomware, “does not contain the ability to automatically spread to any internal or external systems.”

CNA said it has also installed additional security software.

Commercial lines insurer CNA, which is one of the largest cyber insurers, has not revealed further details of its investigation. BleepingComputer, a free forum and news site for technology users, reported that the ransomware attack against CNA used a variant called Phoenix CryptoLocker that encrypted 15,000 company devices as well as computers of employees working at home.

On March 24, commercial lines insurer CNA reported that it had sustained a “sophisticated cybersecurity attack” that caused a network disruption and affected certain CNA systems, including corporate email.

CNA said it learned of the attack on March 21 and immediately engaged forensic experts to investigate and determine the full scope of this incident. The company disconnected its systems from its network and provided workarounds where possible to ensure employees could continue operating and serving policyholders.

CNA Financial Corp.’s financial ratings have not been affected by the insurer’s recent cyber attack. On March 29, AM Best, S&P Global Ratings and Fitch Ratings all affirmed their current ratings and outlooks for CNA and its subsidiaries and said they believe the attack has not yet had a material effect.

*This story ran previously in our sister publication Insurance Journal.

Topics Cyber