bianlian attacks Anderson Insurance Associates

Incident Date:

July 14, 2022

World map



bianlian attacks Anderson Insurance Associates


Anderson Insurance Associates




Charleston, USA

South Carolina, USA

First Reported

July 14, 2022

Anderson Insurance Associates Suffers Ransomware Attack

Overview of the Incident

Anderson Insurance Associates, a Charleston-based independent insurance agency, has recently fallen victim to a ransomware attack perpetrated by the group known as Bianlian. This incident was disclosed on the group's dark web leak site. Operating since 1981, Anderson Insurance Associates has established itself within the insurance sector, boasting four locations across South Carolina.

The agency is celebrated for its exceptional customer service, having been recognized with the Best Practices Award for over a decade. This accolade celebrates the company's commitment to customer service, growth, stability, and financial management. Anderson Insurance Associates offers a comprehensive suite of insurance products and services, including personal, business, life, and health insurance, supported by a dedicated team of professionals.

Notably, the company's approach to customer service includes extended working hours and round-the-clock emergency support, underscoring its dedication to fostering long-term client relationships and effectively managing their risks.

Implications of the Attack

Despite the company's strengths and its robust approach to customer service, it has become the latest target of ransomware attackers. The details regarding the specific vulnerabilities exploited in this attack remain undisclosed. Nonetheless, this incident highlights the critical need for stringent cybersecurity measures within the insurance sector, especially given the sensitivity of customer data handled by these entities.

As of now, the Bianlian group has not provided additional information about the attack or any ransom demands. Similarly, Anderson Insurance Associates has yet to make a public statement regarding their response to the incident.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.