Security & Privacy

Ransomware attack on Canadian insurance company resulted in $1 million payout

The name of the company is being kept private to avoid copycat attacks


A Canadian insurance company paid nearly $1 million USD (about $1.3 million CAD) following a ransomware attack.

Last October, computers at the insurance company were disabled for more than a week. The hackers were able to bypass the firewall of the company and lock the desktops. They also left a note on the computers.

The note read: “Hello [company name] your network was hacked and encrypted. No free decryption software is available on the web. Email us … to get the ransom amount. Keep our contact safe. Disclosure can lead to impossibility of decryption. Please use your company name as the email subject,”

News about the breach is just coming to light as the company is aiming to reclaim the ransom through the British court system. The company had a policy from a British company, which protected the Canadian company from facing losses from cyberattacks.

Neither of the companies have been named publicly because a judge believes that revealing the names might lead to copycat attacks.

Source: CTV News