Cyber attack Â: several hundred gigabytes of data stolen from Assu ·2000 Â?
[update 14 September @ 17: 00] on the website showcase of their activities, where they claim attacks on organisations refusing to give in to blackmail, the cybercriminals of the Conti group have just added a page dedicated to Assu 2000. There, they claim to be beginning to disseminate the data stolen during the attack that took place last June. But their allegations are impressive: the assailants claim to make available an archive of nearly 130 GB of compressed data, which, according to them, represents only 10% of the total stolen at the time of their intrusion.
Joined by the editor, a spokesperson for Assu 2000 indicated that it would not "comment on the publication to which you are referring". Our questions on the extent of damage caused by attackers at the end of June, on the progress of the resumption of activity, or on the point of entry and the time during which the attackers remained hidden in the information system, before triggering encryption, also remained unanswered.
[update July 1 @ 10: 15] in a letter addressed to Assu 2000 employees, of which we received a copy, Jacques Bouthier, President of the group, confirms: "as you know, we were victims of a computer attack on the night of June 29". He explains that "as soon as we became aware of it, we took the decision to temporarily suspend our IT activities in order to cope with the breakdowns […] Caused by the cyber attack.
Jacques Bouthier added that "a thorough investigation has been launched, in collaboration with leading experts in their market and relevant bodies (CNIL, Office Central de lutte contre la criminalité relatif aux technologies de l'information et de la communication, police judiciaire), to determine the origin and extent of this computer attack."
Caution requires that no recovery date for the affected systems is advanced; moreover, "in order to best protect our common interests, we will not restore our IT services until we are certain of the complete resolution of this incident".?
Finally, the President of the Assu 2000 Group stated that he planned to keep his staff informed'as progress has been made and the way in which [their] activities will be resumed'. He added that he was "very confident about the financial strength and the ability of [his] group to overcome this challenge, as we did during the Covid crisis."
For the record, from consistent sources, the Conti ransomware was used in the attack on Assu 2000. Several brands of the group are affected: Maxance, EuroInsurance, CreditMarket, Abbrokerage, and Assureo.
[original article] "due to a technical problem, your Asu 2000 site is temporarily unavailable. We are doing everything possible to remedy this quickly, "the insurer explains on its Facebook page, since Tuesday, June 29. He added that his teams are still available by telephone. But this is of little help.
We reached the switchboard that transferred us to a local agency. Here, our interlocutor said he was unaware of the nature and gravity of the situation. But the symptoms mentioned are significant: no Assu 2000 IT service or business application is available. There's no way to make even a quote, for example. "only the phone works," we are told.
Such a technical incident, leading to the shutdown of many systems, especially trades, is reminiscent of the one that hit the French hardware subsidiary Würth at the beginning of April, or Camaïeu at the beginning of June.
In both cases, many systems had been shut down, including the website. And it was only possible to buy items in stock in store.
At the time, the management of the Würth France company spoke of a "computer security incident", refusing to go into further details. But this incident had, from the outside, all the appearance of a cyber attack with a ransomware. For his part, Camaïeu acknowledged after a few days that he was facing a cyber attack.
We have tried to reach the press service of Assu 2000, without success at the time of publishing these lines. According to separate sources, Assu 2000 is the victim of a cyber attack with the Conti ransomware. The whole group would be affected.
Related Articles