Ransomware Attack on The Insurance Association of Connecticut

Incident Date: May 09, 2024

Attack Overview
VICTIM
The Insurance Association of Connecticut
INDUSTRY
Insurance
LOCATION
USA
ATTACKER
Lockbit
FIRST REPORTED
May 9, 2024

Ransomware Attack on The Insurance Association of Connecticut

Attack Overview

The website of the Insurance Association of Connecticut was targeted in a ransomware attack perpetrated by the cybercrime group known as LockBit 3.0. As a consequence, critical data and files were encrypted, rendering them inaccessible to the organization. The perpetrators demanded a ransom payment in exchange for the decryption key required to restore access to the encrypted information. The association's IT team devoted significant efforts to contain the attack and minimize its impact on their operations.

Victim Profile

The Insurance Association of Connecticut (IAC) is a non-profit organization that represents the interests of insurance companies in Connecticut. They have been the voice of insurers in the state for over 50 years, advocating for their members before decision-makers in government. The association focuses on supporting the insurance industry through lobbying efforts, public hearings, and advocacy work.

Industry Standing

The IAC is one of the most well-respected trade associations in Connecticut, with a team of experienced attorneys and lobbyists who work tirelessly for their member companies. They provide updates on laws, regulations, and news stories that impact insurers in the state.

Company Vulnerabilities

Being a prominent organization in the insurance sector, the IAC may have been targeted by threat actors due to the sensitive nature of the data they handle. Their involvement in lobbying and advocacy work could also make them a target for cybercriminals looking to disrupt their operations.

Ransomware Group: LockBit 3.0

The LockBit 3.0 ransomware group, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates and targeting businesses and critical infrastructure organizations. They are known for their advanced encryption techniques, obfuscation methods, and the ability to move laterally through networks.

LockBit May Attacks

Part of the May 2024 attacks, LockBit 3.0 resurfaced following the disruption of its infrastructure in February. Despite law enforcement efforts, the group swiftly returned, targeting over 50 victims within hours of reactivating its platform. LockBit's recent activities have impacted various industries globally, highlighting the widespread reach and impact of ransomware attacks.

Sources:

Disclaimer

The Halcyon Attacks Lookout Database is compiled using publicly available information based on the hosting choices of real-world threat actors and data from a variety of trackers. This information is provided in accordance with principles of fair use. Halcyon has made reasonable efforts to sanitize and verify the data; however, we do not guarantee the accuracy, completeness, or reliability of the information provided. Updates to the database are made as new source data becomes available from reputable sources.  By accessing, viewing, or using the information within the Halcyon Attacks Lookout Database, you acknowledge and agree to do so entirely at your own risk. No reliance should be placed upon the information for decision-making, and Halcyon disclaims all liability for any inaccuracies or omissions in the data.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.