The networks of a major insurance company suffered a cyber attack in four Asian countries, the company reported.
The operations of Axa Partners, the international subsidiary of the insurer Axa, in Thailand, Malaysia, Hong Kong and the Philippines were affected.
The attack involved ransomware, a malicious software program that locks a computer, encrypts the data it contains, and displays a message demanding a ransom payment to release the data. Once paid, the hackers provide keys to decrypt the software.
The scope of the attack is under investigation.
If it is confirmed that sensitive data of any individuals was obtained, steps will be taken to notify and support those individuals or corporations, the company said in a terse statement issued Sunday.
It did not specify when the attack occurred, but said it was recent.
Some data from Inter Partners Asia in Thailand was obtained, the company said.
Regulators and business partners are aware of the situation, it added.
The Financial Times was the first to report the attack, saying hackers used a ransomware called Avaddon to access customer data, medical records and claims. Hospital and medical data was also stolen, the FT added.
AXA, one of Europe’s five largest insurance companies, reported a few days ago that it would stop issuing insurance policies in France to compensate those suffering from ransomware extortion. The Paris-based company said it made the decision due to fears that such compensation was encouraging criminals to penetrate companies’ networks to demand money.
The largest number of ransomware attacks occur in the United States and second in France, experts say. The extent of the problem in Asia has so far not been determined.
Ransomware attacks have been making headlines in recent days because of one perpetrated against a U.S. company that controls a major oil pipeline in the east of the country. The attack forced Colonial Pipeline to suspend shipments for several days.