Suspected Ransomware Attack Causes Disruptions at Pan-American Life Insurance Group (PALIG)

Suspected Ransomware Attack Causes Disruptions at Pan-American Life Insurance Group (PALIG)

The Pan-American Life Insurance Group (PALIG) has recently experienced disruptions that had likely been caused by a cyberattack. The attack has been carried out by a threat actor known for using the REvil ransomware.

PALIG is a large life, accident, and health insurance group of companies with many branches across the Americas and the world. The group employs some 2,000 people worldwide.

For a while now, the official website has been showing contact information and a message saying, “Pan-American Life Insurance Group is currently experiencing a disruption to some of our services and we are working to restore them.” 

The company posted temporary email accounts to facilitate communications while its official communication channel is down.

A cybercrime group that uses the ransomware known as REvil (Sodinokibi) claimed responsibility for teh attack. On the weekend, a cybersecurity researcher Anis Haboubi noticed that the well-known cybercrime group claimed on their Tor-based website to have stolen 170 GB of files and claimed this was a result of breaching the PALIG’s website.

The REvil ransomware encrypts files on the victim’s compromised cloud and prompts them to pay a ransom to recover the data. 

Haboubi told SecurityWeek that the compromised files stored in the cloud belonging to the Pan-American Life Insurance Group included financial reports covering all PALIG regions and health-related data.

Since then, the REvil leak website no longer has information about PALIG’s ransom. Haboubi believes this could be an indication that the company is negotiating with the cybercriminals.

SecurityWeek has reached out to PALIG for more information and received some more details.

The company took their systems offline soon after they detected suspicious activity. They experienced disruption to their regular services and systems. They started an investigation with the help of internal and external experts. 

Despite the disruption, PALIG continues to provide service to its customers and is focusing on bringing its systems back online.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.