Ransomware Attack on Insurance Agency Marketing Services by MoneyMessage
Incident Date:
May 16, 2024
Overview
Title
Ransomware Attack on Insurance Agency Marketing Services by MoneyMessage
Victim
Insurance Agency Marketing Services
Attacker
Money Message
Location
First Reported
May 16, 2024
Ransomware Attack on Insurance Agency Marketing Services by MoneyMessage
Victim Overview
Insurance Agency Marketing Services (IAMS) is a company dedicated to providing support and back office services to agents in the insurance industry. They specialize in life insurance and annuities, supporting independent producers throughout the country. With a company size ranging from 11 to 50 employees, IAMS stands out for its commitment to service, integrity, and professionalism in the insurance sector.
Attack Details
The recent ransomware attack on IAMS was claimed by the MoneyMessage ransomware group. The attack, discovered on January 2024, involved a leak of 126GB of data. This breach exposed sensitive information of the company and potentially put their operations at risk.
Ransomware Group Overview
MoneyMessage is a relatively new and insidious ransomware group known for its stealth and double extortion tactics. The group encrypts files without appending any file extensions, making it challenging for victims to identify the encrypted data. They are also known for using a C++ encryptor with an embedded JSON configuration file, enhancing their stealth capabilities.
Company Vulnerabilities
Given IAMS's focus on supporting insurance agents and handling sensitive client data, they are vulnerable to ransomware attacks like the one carried out by MoneyMessage. The group's ability to resist detection and their double extortion strategy pose significant risks to companies like IAMS, emphasizing the importance of robust cybersecurity measures.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.