"Allianz UK told The Register that the attack compromised the data of its customers only, and there was no impact on LV's customers or systems at all. It confirmed 80 current Allianz UK customers and 670 previous customers were affected, all of whom had been contacted and offered support. The attackers broke in via the company's Oracle EBS, which is used in its personal lines business, covering products such as home, car, pet, travel, and other types of personal insurance."
"Allianz UK refused to comment on whether it was extorted by the criminals working for Clop, but said that it reported itself to the Information Commissioner's Office, although the watchdog did not respond to our efforts to verify this claim. The insurance giant also confirmed that the attack was entirely separate from an earlier breach at Allianz Life, one of its US subsidiaries, the majority of whose 1.4 million customers had their data compromised in July."
Clop gang exploited a zero-day vulnerability in Oracle E-Business Suite to breach Allianz UK’s systems supporting personal lines insurance. The breach compromised data belonging to 80 current and 670 former Allianz UK customers, all of whom were notified and offered support. Liverpool Victoria (LV) systems and customers were not impacted. Allianz UK reported the incident to the Information Commissioner's Office and declined to say whether it paid extortion. The incident is separate from the July breach at Allianz Life that affected about 1.4 million US customers. The attack aligns with a wider wave of EBS intrusions affecting multiple organizations.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]