Aon hit by Russian MOVEit data hack
Insurance Post can reveal that Aon has been caught up in the MOVEit data hack, which has embroiled a number of major corporations.
The Russia-linked ransomware group Clop has been exploiting a security flaw in MOVEit Transfer, a tool used by businesses in various industries to transfer files.
Progress Software, the developer of the MOVEit software, has fixed the gap in the system’s vulnerability, but hackers got there first and compromised a number of its customers.
It had looked like UK operational insurance businesses had managed to swerve the attack, but Post can now confirm global broker Aon has been caught up in it.
A spokesperson for Aon confirmed the hack to Post, and said the broker had shut off access to MOVEit.
The spokesperson said: “Progress Software, a third-party software provider Aon uses for managed file transfers, notified Aon that the company had identified a previously unknown vulnerability in its software, known as MOVEit Transfer.
"Upon notification, Aon shut off access to MOVEit, initiated its incident response procedures and enabled the patches, restoring MOVEit services for Aon colleagues and clients.”
Aon has opened an investigation into the incident, as it has determined that a number of clients have had details downloaded by an unauthorised party.
The spokesperson continued: “Our investigation, supported by leading third-party advisers, remains ongoing.
"While we are still working to associate specific data elements with Aon clients, we have determined that certain files related to a select number of our clients that were processed in the MOVEit Transfer application were downloaded by an unauthorised party.
“This download occurred before Progress Software disclosed the vulnerability publicly. We are in the process of notifying impacted clients.”
Until Aon completes its investigation, it is unclear how much data has been compromised.
It is also unclear if any other insurance firms have been affected, although it is reported that a printing firm used by several insurance entities, including Aon, was also hit by the attack.
Andrew Martin, CEO and founder of Dynarisk, said the MOVEit vulnerability caught dozens of organisations off guard.
Martin said: "Smaller organisations need to up their game to defend against cyber attacks while large companies like Aon need to do more to reduce their attack surface, implement layered security controls and monitor their supply chain.
"DynaRisk analysed 47 companies affected by this attack and found 30 of 47 were rated higher risk than peers. These companies could certainly have done more to improve their security to reduce the likelihood and severity of a breach such as this.
"While this first wave of ransoms has been significant, it is only a matter of time before more ransomware groups begin leveraging this issue and widen the scope of companies that will be compromised."
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@postonline.co.uk or view our subscription options here: http://subscriptions.postonline.co.uk/subscribe
You are currently unable to print this content. Please contact info@postonline.co.uk to find out more.
You are currently unable to copy this content. Please contact info@postonline.co.uk to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@postonline.co.uk
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@postonline.co.uk
More on Broker
Ex-BGL CEO Thompson joins Open GI as chair
Former BGL Insurance CEO Peter Thompson has joined Open GI as the organisation’s chair.
Diary of an Insurer: Clear’s Claire Thompson
Claire Thompson, senior corporate account handler and hybrid account executive in the broking and sales team at Clear Doncaster, walks her Springer Spaniel, tackles CrossFit plus prepares for being a full-time account executive.
Big Interview: Clarissa Franks, Lockton
Clarissa Franks, head of UK retail for Lockton, speaks to Scott McGee about her first year at the broker, the joy of not being “tied up in numbers and margin”, and shares how her team is “doubling down” to achieve growth.
FCA bans and fines broker £1.1m for misusing funds
The Financial Conduct Authority has banned Leigh Mackey from working in financial services and fined him £1.1m for misleading the FCA and misusing funds due to insurers.
Jensten names group CEO as Hardie steps down
Alistair Hardie is stepping own as group CEO of Jensten, as he looks to pursue a number of non-executive opportunities elsewhere.
Convex’s Brand urges rivals to stop moaning about brokers’ profits
Paul Brand, CEO of Convex, has told carriers to focus on harnessing technology to drive down their own operational expenses rather than wishing brokers would charge less.
Howden rolls out pilots to increase efficiency
Carl Shuker, UK & Ireland CEO for Howden Insurance Brokers, has outlined three examples of how the broker has increased efficiency within its operations.
60 Seconds With... SSP Broker's Nazia Majeed
Nazia Majeed, head of project and service delivery at SSP Broker, would like to go to Formula 1 Monaco Grand Prix, hates ironing and likes to dance to The Killers' Mr Brightside.