Arthur J. Gallagher Insurance Brokerage Reports Cyberattack

A ransomware incident forced international insurance and risk management giant Arthur J. Gallagher & Co. (AJG) to take its computer systems offline on Saturday, the firm has disclosed.

In a filing with the US Securities Exchange Commission, the insurance broker said it is in “the process of restarting most of our business systems.”

“On September 26, 2020, Arthur J. Gallagher & Co. (the “Company”) detected a ransomware incident impacting a limited portion of our internal systems,” the federal filing reads. 

“We promptly took all of our global systems offline as a precautionary measure, initiated response protocols, launched an investigation, engaged the services of external cybersecurity and forensics professionals, and implemented our business continuity plans to minimize disruption to our customers.”

The attack also affected systems of subsidiary Gallagher Bassett Services, whose website remained offline on Tuesday.

The 8-K form also states that AJG does not “expect the incident to have a material impact on our business, operations or financial condition.”

However, data exfiltration should not be excluded since the company is still in the early stages of assessing the attack’s impact. 

The ransomware attack could have serious implications for customers and employees due to the highly sensitive nature of the data collected by insurers.

This data may include personal, medical and financial information that can be used to conduct other cybercrimes and fraud.