French insurance company AXA confirmed on 16th of May that the IT systems of its Asian divisions located in Thailand, Malaysia, Hong Kong and the Philippines were the victims of a ransomware cyberattack perpetrated by the Avaddon cybercriminal group.
The cybercriminals confirm to have stolen around 3TB and threaten further DDoS cyberattacks against AXA websites globally if AXA does not pay the ransom. For its part, AXA has only confirmed that certain data processed by Inter Partners Assistance (IPA) in Thailand was compromised and some services, such as corporate websites, were inaccessible.
The affected systems have now been restored and investigations are continuing while those affected are being informed. The attack came after AXA announced it would stop issuing insurance policies covering ransomware extortion payments.