Insurance giant Lloyd’s of London investigating cyberattack

UPDATE 10/10/22: In a statement on Monday, a LLoyd's spokesperson said systems were taken offline as a "proactive decision" in response to unusual activity on the insurance giant's network.

The spokesperson said cybersecurity companies Mandiant and NTT were hired to perform the cybersecurity investigation.

“The investigation has concluded that no evidence of any compromise was found and as such Lloyd’s has been advised that its network services can now be restored," the spokesperson told The Record.

“We continue to work with our partners to monitor the IT environment as we restore services to the market, which we currently anticipate to complete by Wednesday 12 October.”

PREVIOUSLY: Insurance giant Lloyd’s of London said on Wednesday that it is investigating a possible cyberattack.

A spokesperson for the commercial insurance market told The Record that cybersecurity experts at the company “detected unusual activity on its network.”

“As a precautionary measure, we are resetting the Lloyd’s network and systems. All external connectivity has been turned off, including Lloyd’s delegated authority platforms,” the spokesperson said. “We have informed market participants and relevant parties, and we will provide more information once our investigations have concluded.”

Lloyd’s representatives would not say if it was a ransomware attack or explain who may have been behind the incident. It has been one of the most notable supporters of sanctions against Russia since the country’s government decided to invade Ukraine earlier this year. 

The insurance marketplace has been at the center of a cybersecurity controversy since August, when it began requiring underwriters to exclude coverage for state-backed cyberattacks linked to war or catastrophic damages. 

Beginning at the end of March 2023, insurance groups must specifically exempt coverage for losses “arising from a war,” as well as from state-backed cyberattacks that “significantly impair the ability of a state to function,” or which impact a state’s security capabilities. It also mandates that syndicates have a clear system for how to attribute an attack to a state-based actor. 

“The ability of hostile actors to easily disseminate an attack, the ability for harmful code to spread, and the critical dependency that societies have on their IT infrastructure, including to operate physical assets, means that losses have the potential to greatly exceed what the insurance market is able to absorb,” Lloyd’s Underwriting Director Tony Chaudhry said. 

Lloyd's, which traces its founding to 1688, reported in September an underwriting profit of £1.2 billion for the first half of 2022.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.