Insurer AXA hit by ransomware attack, lots of Thai data stolen


By and 

BRANCHES of insurance giant AXA based in Thailand (Krungthai-AXA), Malaysia, Hong Kong, and the Philippines have been struck by a ransomware cyber attack with 3 terabytes of data stolen including lots of personal information of Thai and other clients, and said this morning (May 17)

The compromised data obtained by Avaddon, according to the group, includes customer medical reports (exposing their sexual health diagnosis), copies of ID cards, bank account statements, claim forms, payment records, contracts, and more.

BleepingComputer observed an ongoing Distributed Denial of Service (DDoS) against AXA’s global websites making them inaccessible for some time yesterday.

The Avaddon ransomware gang first announced in January 2021 that they will launch DDoS attacks to take down victims’ sites or networks until they reach out and begin negotiating to pay the ransom.

BleepingComputer first reported about this new trend in October 2020, when ransomware groups began using DDoS attacks against their victims as an additional leverage point.

Avaddon’s announcement of the attack on AXA’s systems comes roughly a week after AXA had stated that their cyber-insurance policies written in France would no longer include reimbursement for ransomware extortion payouts.

The Avaddon hackers, in demanding ransom, released samples of the hacked information with almost all of them being of Thai people.

Avaddon said if ransom is not paid in 240 hours more information will be released.

The hackers were able to get AXA’s data from Asia Assistance of Inter Partners Assistance (IPA) in Thailand.


AXA logo. Photo:


Leave a Reply