BreachExchange mailing list archives
Can't read my, can't read my... broker face: Premium Credit back online a week after cyber attack
From: Destry Winant <destry () riskbasedsecurity com>
Date: Wed, 26 Sep 2018 19:09:42 -0500
https://www.theregister.co.uk/2018/09/26/premium_credit_outage/ UK-based insurance services firm Premium Credit has hauled itself back online following a malware-based attack that struck the business more than a week ago. Premium Credit underwrites insurance premiums for a network of brokers, business and personal customers and has 400 staffers across the UK and Ireland. In a statement on its website yesterday that accompanied its return after nine days offline, the UK and Ireland firm played down the episode, adding it had found "no evidence of data loss" following an unspecified "cyber incident". External experts continue to investigate. "We have now restored many key systems, and are working around the clock to complete our full restoration," the statement concluded. So what happened? The insurance premiums financer told El Reg that it had suffered from an unspecified malware outbreak, adding that it had taken its systems offline as a "precaution". In a follow-up statement, received via email, Adam Morghem, strategy and marketing director at Premium Credit, provided a fuller rundown of events. On Sunday 16th September, our virus monitoring alerted us to a cyber incident. We followed our extensive security protocols designed to protect our systems and isolate our partners from harm. We then began the investigation into the incident with external 3rd party experts. Since then, we have been working around the clock to restore our services for our brokers. Our trading systems are live with our brokers. Our call centres have been open since Monday 17th to support customers and producers during the outage. He told us the internal and external probes by infosec specialists had not turned up any evidence of data loss. He said it has told customers that any payment that was delayed due to the outage will not be treated as a deafult so no default charge will be levied. "We can only apologise for the disruption this has caused our partners and their customers," said Morghem. El Reg checked in with Troy Hunt, the security researcher behind the Have I been Pwned breach notification service and normally among the first people to hear about any customer data leak. He said he hadn't heard anything yet, a good sign, though hardly definitive. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Can't read my, can't read my... broker face: Premium Credit back online a week after cyber attack Destry Winant (Sep 27)