MMA cyberattack: never-ending disaster recovery
Hit by ransomware last week, insurer MMA is still unable to resume operations. A ransom was reportedly demanded without payment being made.
The situation is serious at MMA. The insurer from Le Mans (Covéa group) was hit hard by a cyberattack on the night of Thursday July 16 to Friday July 17. 10 days later, the group’s site and operations are still heavily impacted, with no return to normal expected before mid-week a priori. According to Ouest France, the IT teams are mobilized day and night to restore a deeply slowed down operation. “We are scanning every computer in the company again,” said a group leader who said that at present, no data leaks have been observed.
The absence of disaster recovery – a sign of a faulty backup, encryption or corruption of the latter – poses whatever the question. “A ransom, the amount of which has not been disclosed, has been claimed but has not been paid by the company. No sensitive data was affected according to the management, the attack would have constituted an important encryption of the servers. The group plans to file a complaint,” said the CGT Covéa following a Social Economic Committee held this Sunday. MMA could well have been affected by the Netwalker ransomware, the same that the Bolloré group had to face a few weeks earlier.
According to this union source, employees were asked to bring back their computer equipment for analysis, knowing that teleworking would no longer be possible “until further notice” except for vulnerable people with a medical certificate of isolation. . “The situation is critical and the economic and social consequences are significant,” said CGT Covea.