Insurance House wrestles with cyber attack aftermath
Insurance House Group still has experts working around the clock following a major cyber attack that crippled its systems more than a week ago.
While the group says “critical functions” are up and running, some disruption continues after the incident, which hit the group’s brokerage, authorised representative network, underwriting agency ProRisk, affinity business and life insurance business.
At the time of publication, the website still could not be reached through Google searches, but a landing page with temporary contact details can be accessed here.
“We sincerely apologise to all our clients and anyone trying to reach Insurance House,” the website says. “A major IT incident has forced the lockdown of our network. Our team are working around the clock to restore services.”
Concerns were raised in the early hours of Sunday June 9 after a “phishing” email, which contained a link, seeded malware onto the group’s systems.
“ProRisk was most affected, but I can confirm the cyber incident impacted the whole group,” Insurance House Group MD Jay Fereday told insuranceNEWS.com.au.
“We shut down our system entirely to isolate and contain the problem. We were offline and non-contactable until late [last] Tuesday.
“We have now brought back critical functions, but some disruption will continue.”
The Melbourne-based group has a presence in 60 locations across Australia, and the response involved cleansing and restoring more than 400 computers.
Mr Fereday declined to put a cost on the impact at this stage, but says “there has been significant inconvenience and disruption”.
He emphasised that no client data was breached, and “manual workarounds” had enabled cover to be placed and all client needs to be met.
ProRisk Executive Director Hamish McDonald-Nye told insuranceNEWS.com that despite systems being down, policy renewals are being held on cover and instructions to bind cover will be honoured.
“We have outstanding capacity providers and we are receiving great support from all of them,” he said.
He says the incident proves cyber attacks “can happen to anyone”.
“We had a whole lot of precautions in place, which we had recently reviewed, and back-ups in place. This makes you realise just how challenging [the cyber threat] can be.
“It initially looked containable, but then became apparent that it was more significant. Malware is developing all the time and what we appear to have is something very, very new.”