An insurance company based out of Manitoba, with offices in the Parkland, has been the victim of a ransomware attack that the company hadn’t shared with the public.
Andrew Agencies which is based in Virden, but has offices in Ste. Rose and Russell, appeared on a list of targets posted online by an international cybercrime gang that is claiming it shut down the company’s machines and stole their data.
The company’s lawyer, Dave Schioler confirmed in an email that the company had indeed dealt with a ransomware attack. He added that the company has expended considerable resources into the investigation and remediation of the incident.
Since 2018, privacy laws in Canada require companies to report to the Office of the Privacy Commissioner (OPC) about any breach of personal information that could pose risks of significant harm to individuals.
On Tuesday, a spokesperson for the OPC said that they had not been notified of any ransomware attack at Andrew Agencies.
The company hasn’t said who has been notified of the attack, but they did announce that they have hired third-party experts to solve the problem.
The cybercrime gang known as Maze has claimed that they used malware to lockout 245 of the company’s machines, as early as October 21st.
Maze released a list of organizations that “don’t wish to co-operate with them, and are trying to hide successful attacks on their resources.” The gang reportedly has ties to North Korea, but its location of origin is unknown.
Maze’s website has a list of IP addresses that supposedly belong to Andrew’s machines. The addresses correspond with computers and other devices at all of the company’s locations in Manitoba, Saskatchewan, and Alberta.
Maze has claimed to have stolen 1.5 gigabytes of information from Andrew Agencies, but it is not known what exactly was taken.
Schioler said that the attack has had “minimal impact” on the company’s operations.
According to Schioler, the company has not paid a ransom.
