CNA Canada says its operations are fully restored following a cyberattack in March.

The insurer provided an update on the situation on May 12.

The investigation into the incident is ongoing, and CNA does not believe its external customers were at risk of infection due to the incident. Third-party computer forensic experts are assisting the insurer in its investigation.

“CNA’s forensic investigation and root cause determination have revealed no indication that this was a targeted attack or that CNA or policyholder data was specifically targeted by the Threat Actor. As a result of our efforts, we are confident that the Threat Actor has not accessed the CNA environment since the ransomware event,” the insurer said in its update.

Data review

CNA Canada is reviewing the impacted data to determine if any policyholders and personal data were affected. “We do not believe that the Systems of Record, claims systems, or underwriting systems, where the majority of policyholder data–including policy terms and coverage limits–is stored, were impacted," the update reads.

The insurer adds that it has been conducting dark web scans and searches for CNA-related information. “At this time, we do not have any evidence that data related to this attack is being shared or misused," the update reads.