A ransomware attack has hit the Thai operations of a subsidiary of French insurance giant Axa Group, Inter Partners Assistance (IPA), with some data accessed.
“A vendor of KT Axa and Axa GI, Inter Partners Assistance (IPA), was recently targeted by a ransomware hacker,” a spokesperson for Axa Asia told Channel Asia. “As a result, certain data processed by IPA in Thailand has been accessed. At present, there is no evidence that any further data was accessed beyond IPA in Thailand.
“A dedicated taskforce, with external forensic experts, is investigating the incident. Since the incident, systems have been restored and regulators and business partners have been informed.
“Axa takes data privacy very seriously and if IPA’s investigations confirm that sensitive data of any individuals have been affected, the necessary steps will be taken to notify and support all corporate clients and individuals impacted,” the spokesperson said.
Ιnter Partner Assistance is a wholly-owned subsidiary of the Αxa Group. Established in more than 30 countries, including Malaysia, Thailand, the Philippines and Singapore, Inter Partner Assistance markets its products and services in more than 70 countries.
As reported by media outlet Reuters, the cyber attack affected Axa’s Asia Assistance division, with the multinational insurance firm now in the process of investigating the incident.
Asia Assistance is headquartered in the heart of Petaling Jaya, Malaysia. Incorporated in 1998, the business has emerged as a leading assistance service provider and third-party administrator.
In 2005, the Axa subsidiary expanded its operation regionally with the incorporation of AA International, which operates in 10 locations throughout the Asia Pacific region and Europe.
The company has offices and 24/7 call centers in Malaysia, Thailand, Indonesia, Philippines, Singapore, Hong Kong, Korea, Taiwan, Australia and Germany.
The attack, for which responsibility was reportedly claimed by cyber criminals using Avaddon ransomware, comes roughly three months after personally identifiable information of at least 129,000 Singtel customers was exfiltrated following an attack on the telco’s systems via legacy FTA file sharing software from vendor Accellion.
In that incident, the customer information that was exfiltrated contained National Registration Identity Card (NRIC) details and some combination of name, date of birth, mobile number and address.
In March, Singapore Airlines warned its frequent flyer members of a third-party breach affecting up to 580,000 people after air transport communications and information technology provider SITA became the victim of a cyber attack.
Just days earlier, Malaysia Airlines informed Enrich frequent flyer members of a “data security incident” via a third-party IT service provider, insisting the breach avoided the national carrier’s core IT infrastructure and systems.
(Article updated on 18 May to include additional commentary from Axa Asia.)