The debilitating cyberattack carried out against Montreal, QC-based insurer Promutuel Assurance could potentially also be a data breach incident that endangers the personal information of both current and former staff, sources say.
A month has passed since the insurer’s IT systems sustained a cyberattack, and Promutuel Assurance’s website is still offline – closed for maintenance as the company works to restore affected systems.
In a recent statement, the insurer said that an investigation into the cyberattack found no signs of compromised social insurance numbers, driver’s licence numbers, credit card numbers or banking information of insured members. But Promutuel Assurance also said in the same statement that the personal information of past, present, and retired employees may have been compromised.”
The insurer said that it would provide all current and former employees with credit monitoring and data protection services.
While specific details of the attack remain scant, an anonymous source working for a cybersecurity research firm in Canada confirmed with IT World Canada that the website of the DoppelPaymer ransomware gang lists Promutuel Assurance as a victim. The ransomware website also claims to have a list of file names it allegedly copied from the insurer’s systems as proof of the attack.
Last week the Journal de Quebec reported that sensitive documents from Promutuel Assurance had been leaked online. The same news story also said that the insurer claimed that 15 of those files were recovered.