The SSP data hack is a serious issue for many insurance brands. Every company wants to feel secure and so do policyholders.
The attack comes just weeks after a ransomware attack in Australia when a health insurance brand, Medibank, was targeted. They refused to pay the ransom and patient data is being drip fed onto the dark web. The Medibank brand may face more expense as the Australian regulator seeks to understand what happened and how secure Medibank’s IT procedures are going forward.
Australian Police blamed Russian hackers for the Medibank attack and it’s a plausible scenario. Doesn’t make it true of course. Could just be criminals with geek skills. Back in 2021 CNA in the US reportedly paid $40m ransom to “Russian” hackers ro regain control of their data systems. Also in May 2021, AXA Asia was hit by a ransom attack. In mid-October 2022 Kingfisher suffered a cyber attack by Lockbit, who have also targeted the NHS in the UK.
More background on the Medibank incident here.
Fact is, given that some companies will pay a ransom, various bad actors will have a go, especially at larger insurance brands that a. have more financial resources and b. have more to lose in terms of wider brand reputation. It’s going to be an ongoing problem for insurance brokers, MGAs and in particular software houses, since they provide the IT services which make everything work online and join the dots when it’s claims, renewal or incept time.
INDUSTRY REACTION TO SSP
Raghu Nandakumara, Senior Director, Head of Industry Solutions at Illumio
“The SSP ransomware attack serves as another reminder of why cyber resilience is critical. The fact that the company is now having to build an entirely new IT environment suggests that the existing one has been compromised to the point that SSP feels it is unable to recover in place.
This will no doubt cause concern among brokers and insurers. Compare the Market is the first partner to disconnect itself from SSP, however, I expect we will see other brokers follow suit in the coming days as they seek to safeguard their customers.
Companies cannot afford to keep letting attackers hold their business hostage. Cyber resilience is now synonymous with business fortitude and any disruption to operations can have huge ramifications. Organisations must proactively strengthen resilience by always assuming breach and building in containment capabilities to limit the spread of an attack – or risk severe business repercussions.”
RECENT SSP HISTORY
SSP was acquired back in 2021 by Volaris/Vencora, with the deal officially announced early in November 2022 on the SSP Twitter feed. In March 2022 Peter Gregory, Director of Broking left SSP after a 20 year spell there.
Back in 2016 Computer Weekly reported that SSP had suffered an outage that lasted for two weeks, which affected lots of brokers, as about 40% of UK brokers used SSP software as part of their renewals process.
IE has reached out to SSP for comment but emails are being returned as undelivered at present.