A gang of cyber hackers posted on the dark web confidential documents from Promutuel Insurance. The company, which has around 630,000 customers, is still paralyzed a month after a cyberattack.
• Read also: Cyber attacks: more than 850 incidents in 2 years at Hydro
Our Investigation Office noted the publication of these data on a site of the group of hackers DopplePaymer in the hidden internet (dark web), from January 7.
Among the documents stolen are contracts with clients and brokers that contain personal information, such as insurance policy numbers and contact information.
There is also competitive information on the Quebec insurer as well as employee emails.
Contacted by our Bureau of Investigation, Promutuel said he had “retrieved” the documents online.
“We are talking about a small number of files, or 15 files,” writes Josée Garneau, director of communications. The analysis has been completed and we confirm that they do not contain any social insurance number, driver’s license, credit card number or other banking information. “
She adds that Promutuel is continuing its investigation and has notified “the regulatory authorities” and the police. The spokesperson, however, does not specify whether the insurer has also contacted the individuals affected by the data theft, as the government will soon require after the adoption of Bill 64.
According to a cybersecurity researcher who assisted our Bureau of Investigation in locating the data, the insurer should expect to find its information online.
“Dopple is one of those pirate gangs who will do anything to make the victims pay,” says Damien Bancal. To bend businesses, they disseminate some sensitive data, often concerning customers or employees. ”
Instructions to brokers
Since the cyberattack, Promutuel has sent several documents to brokerage firms, in particular the directives to follow because of its computer problems.
In December, the grouping of mutuals confirmed in a letter that it no longer had access to all of its systems, including its mailboxes. The organization added that it had opened “an investigation”.
Due to this incident, pre-authorized direct debit payments are suspended.
Customers will still have to pay the sums that have not been paid. A written notice should soon be sent to them in order to specify the modalities for resuming activities.
In a statement aimed at reassuring them, Promutuel said Tuesday that a “solid and effective reconstruction plan has been developed and is being deployed” and that its “computer systems are gradually resuming”.
According to communications sent to brokers, management expects its systems to be up and running by mid-February.
“At this point, we cannot yet confirm the nature or extent of the data affected by the incident,” said the insurer, promising “to deploy all the measures required to protect those potentially affected, if the situation requires it ”.
Promutuel specifies that customers are always insured, even if payment has not been made in December or January.
Joined by The newspaper, certain professionals of the world of insurance deplored the management of Promutuel in this file. They made no secret of their concern about this cyberattack and data security.
“Looks like they’re taking the situation lightly. We have the impression that the problem is out of control, ”said a business partner of the insurer. He prefers to keep his name silent to avoid reprisals.
For its part, the Autorité des marchés financiers, notified in December, affirms “that this is a very serious situation”. The organization says it has discussions with Promutuel on this subject.
“The Authority is very aware of the impacts that this can have on customers and it continues to follow this file very closely,” noted the spokesperson, Sylvain Théberge.
For Gaëtan Brown, a client at Promutuel, the little information the insurer has provided so far is deplorable.
“We haven’t received anything since December 12, no phone and no email. They said they were going to keep their customers informed! Said the insured, who has previously had problems with identity theft with credit cards.
“It’s worrying,” he adds. It is certain that if I quickly know that my data may have been stolen, I will be more vigilant. ”
In 2020, Promutuel, made up of 16 mutual insurance companies, had nearly 2,000 employees.
Natasha Kumar has been a reporter on the news desk since 2018. Before that she wrote about young adolescence and family dynamics for Styles and was the legal affairs correspondent for the Metro desk. Before joining The Times Hub, Natasha Kumar worked as a staff writer at the Village Voice and a freelancer for Newsday, The Wall Street Journal, GQ and Mirabella. To get in touch, contact me through my email@example.com 1-800-268-7116