Printed from BusinessInsurance.com

CNA ‘back to normal’ after cyberattack; reports profit rise

Posted On: May. 3, 2021 10:43 AM CST

Dino Robusto

The ransomware attack on CNA Financial Corp. in late March took about three weeks to resolve but the insurer’s systems have been restored and no customer accounts were compromised due to the cyberattack, CNA’s top executive said Monday.

The insurer disconnected its systems after the attack, and its corporate website was out of service for two weeks.

Speaking on CNA’s quarterly earnings call with analysts Monday, Dino Robusto, chairman and CEO, said the insurer brought in outside forensic teams and law enforcement in response to the attack.

“The attack has been fully contained, and our systems are back online and operations are back to normal. There is no evidence to indicate that external customers or other parties were at risk of infection or cross-contamination due to this incident,” he said.

Meanwhile, CNA reported a $321 million profit for the first quarter compared with a $61 million loss in the same period last year.

The insurer reported $1.94 billion in net written premium, up 4% compared over last year’s first quarter.

The insurer’s combined ratio deteriorated to 98.1% from 97.3% in the 2020 quarter, largely due to increased catastrophe losses, Mr. Robusto said.

Insurance rates increased by 11% on average during the quarter, he said. In individual business units, CNA’s international business reported 14% average rate increases, while rates in its commercial unit increased an average 10%, although within that sector workers compensation rates were flat. In specialty, which includes management liability and professional liability, rates rose 10% on average.