Lloyd’s of London on Thursday denied it has been hacked after confidential litigation documents belonging to the leading insurance platform were posted online by a figure calling themselves “The Dark Overlord”.
A sample cache of confidential documents, including some linked to the September 11 2001 terrorist attacks, was posted on the Pastebin site on New Year’s Eve along with threats, and demands to pay a Bitcoin ransom.
Lloyds of London Hack Threats: “We Remain Vigilant”
A Lloyd’s spokesperson told Computer Business Review in an emailed statement: “Lloyd’s has no evidence to suggest that the Corporation’s networks and systems have been compromised by the hacker group.”
It is understood the documents the hackers have shown so far were stolen during the hack of a specialist law firm in the United States last April. (Lloyd’s didn’t name the law firm in question, but said that they worked with Lloyds syndicate Hiscox).
The incident is understood to be being treated by Lloyd’s of London as a fresh extortion attempt, rather than a fresh hack. The specialist insurance market added: “We remain vigilant with a number of protections in place to ensure the security and safety of data and information held by the Corporation.”
The spokesman added: “Lloyd’s will continue to monitor the situation closely, including working with managing agents targeted by the hacker group.”
9/11 Hack Documents Rapidly Pulled Offline
The Pastebin documents were rapidly removed, while Twitter accounts linked to the account were also swiftly suspended. The hacker group has since shifted to making the threats on social media network Steemit.
One of the several Bitcoin accounts linked to the group appears to have received 108.34 Bitcoin over the last two days in 250 separate transactions. The figure equates to approximately £330,200. It is unclear whether these are ransom payments.
The account, set up in August 2018, now has the equivalent to £5.6 million in it, received via 2403 transactions (as calculated by Computer Business Review).
Another Bitcoin wallet linked to the hackers has had the cryptocurrency equivalent to £12 billion (at current conversion rates) moved in and out of it over the past two years.
(An independent academic report sponsored by cybersecurity company Bromium last year estimated that cybercriminal proceeds amounting to an estimated $80-$200 billion are laundered globally each year through crypto and gaming currencies.)
Hiscox: Our Systems are Secure
Lloyd’s syndicate Hiscox in a statement on December 31 that the firm breached in April has no connecting systems to their own and their network is not affected.
“One of the cases the law firm handled for Hiscox and other insurers related to subrogation litigation arising from the events of 9/11, and we believe that information relating to this was stolen during that breach.”
thedarkoverlord said many of the purported 18,000 stolen documents relate to litigation cases that followed the 9/11 New York terrorist attacks and said they were up for grabs to the highest bidder: “If you’re a terrorist organisation such as ISIS/ISIL, Al-Qaeda, or a competing nation state of the USA such as China or Russia, you’re welcome to purchase our trove of documents.”