The implications of the cyber breach against Shirbit insurance company

The implications of the cyber breach against Shirbit insurance company

Incident Date : 2021 | Topic : Cyber | Region : Middle East | Tag : Case Study

On December 16, 2020 ASERO published a white paper on the Shirbit insurance company cyber breach which included a series of insights and recommendations in the aftermath of the significant attack.  The following paper presents the financial implications on Shirbit in the months following the attack.

Shirbit, among the largest insurance firms in Israel and service provider for government ministries and critical infrastructures, was subject to a large scale cyber breach in November 2020 during which a group calling itself Black Shadow claimed to have taken possession of Shirbit’s client database which contains ID cards, drivers’ licenses, home addresses and phone numbers, marriage certificates, emails and other private client information.

On December 1, Shirbit and Israel National Cyber Directorate (INCD) began investigating the cyber event.

In the weeks following the attack, the Black Shadow group released information stolen from Shirbit. However, Shirbit stood by its decision to not pay the group’s ransom demands stating that “the company will not give in to this type of terror and will act within its means to defend the company’s clients and information.”

ATTACK IMPACT AND IMPLICATIONS

Financial reports published by Shirbit on Sunday April 4, 2021 revealed the extent of fourth quarter losses, effectively erasing annual 2020 profits. Overall 2020 profits dropped by approximate 90 percent.

Losses have been attributed to the inability of the company to renew its insurance policies in during the month of December after servers were shut down.

Four class-action lawsuits which amount to a total of 1.2 billion NIS ($360 USD million) have been filed against the company claiming that Shirbit did not address the security breach appropriately, thereby resulting in the widespread exposure of sensitive client information. Claims also state that Shirbit had cut back on cybersecurity costs at the expense of its customers and displayed a lack of transparency in managing the incident in its aftermath.

Company premiums showed an overall decline of 15 percent in 2020, down from 532 million NIS ($160 million) in 2019 to 453 million NIS ($136 million). In December, when the hack was first revealed, premiums declined by 8 percent compared to the corresponding fourth quarter of 2019.

Phoenix Insurance Ltd., a competitor and multi-line insurance, asset management and financial services is currently in talks to acquire Shirbit. It is important to be aware of the massive potential implications which may arise from a cyber attack of this nature, not just in terms of the impact on clients as a result of data breaches but also on a company or infrastructure’s financials and to take appropriate measures to secure sensitive information and databases accordingly.In this case, the overall impact of this data breach could be the acquisition of Shirbit.