CNA rating unaffected by cyberattack; insurance cover in place: S&P

The ransomware attack that crippled CNA Financial Corp.’s computer systems this week likely won’t affect the insurer’s A+ financial strength rating, S&P Global Rating said Friday, noting that CNA had cyber liability coverage in place.

CNA’s systems remained down Friday nearly a week after it discovered its systems had been breached by a hacker group known as Phoenix.

In its note, the Standard & Poor’s Financial Services LLC rating unit said CNA contained the incident by disconnecting its enterprise-wide system when the attack was discovered on March 21 and took other remedial action.

In addition, “the company has said it is able to absorb potential financial consequences resulting from the breach through its cyber insurance coverage,” the S&P note said.

CNA declined to comment on the S&P note.

CNA itself is the second-largest insurer of cyber liability package policies, according to the latest data from the National Association of Insurance Commissioners.