View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
January 3, 2019updated 04 Jan 2019 10:56am

Lloyd’s of London Denies Hack Claims, As 9/11 Docs Posted Online

Bitcoin account linked to extortion attempt shows 250 transactions in 2 days

By CBR Staff Writer

Lloyd’s of London on Thursday denied it has been hacked after confidential litigation documents belonging to the leading insurance platform were posted online by a figure calling themselves “The Dark Overlord”.

A sample cache of confidential documents, including some linked to the September 11 2001 terrorist attacks, was posted on the Pastebin site on New Year’s Eve along with threats, and demands to pay a Bitcoin ransom.

lloyd's of londonLloyds of London Hack Threats: “We Remain Vigilant”

A Lloyd’s spokesperson told Computer Business Review in an emailed statement: “Lloyd’s has no evidence to suggest that the Corporation’s networks and systems have been compromised by the hacker group.”

It is understood the documents the hackers have shown so far were stolen during the hack of a specialist law firm in the United States last April. (Lloyd’s didn’t name the law firm in question, but said that they worked with Lloyds syndicate Hiscox).

Read this: The 5 Most Commonly Used Hacking Tools – and How to Defend Against Them

The incident is understood to be being treated by Lloyd’s of London as a fresh extortion attempt, rather than a fresh hack. The specialist insurance market added: “We remain vigilant with a number of protections in place to ensure the security and safety of data and information held by the Corporation.”

The spokesman added: “Lloyd’s will continue to monitor the situation closely, including working with managing agents targeted by the hacker group.”

9/11 Hack Documents Rapidly Pulled Offline

The Pastebin documents were rapidly removed, while Twitter accounts linked to the account were also swiftly suspended. The hacker group has since shifted to making the threats on social media network Steemit.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

One of the several Bitcoin accounts linked to the group appears to have received 108.34 Bitcoin over the last two days in 250 separate transactions. The figure equates to approximately £330,200. Lloyd's of London It is unclear whether these are ransom payments.

The account, set up in August 2018, now has the equivalent to £5.6 million in it, received via 2403 transactions (as calculated by Computer Business Review).

Another Bitcoin wallet linked to the hackers has had the cryptocurrency equivalent to £12 billion (at current conversion rates) moved in and out of it over the past two years.

(An independent academic report sponsored by cybersecurity company Bromium last year estimated that cybercriminal proceeds amounting to an estimated $80-$200 billion are laundered globally each year through crypto and gaming currencies.)

Hiscox: Our Systems are Secure

Lloyd’s syndicate Hiscox in a statement on December 31 that the firm breached in April has no connecting systems to their own and their network is not affected.

“One of the cases the law firm handled for Hiscox and other insurers related to subrogation litigation arising from the events of 9/11, and we believe that information relating to this was stolen during that breach.”

thedarkoverlord said many of the purported 18,000 stolen documents relate to litigation cases that followed the 9/11 New York terrorist attacks and said they were up for grabs to the highest bidder: “If you’re a terrorist organisation such as ISIS/ISIL, Al-Qaeda, or a competing nation state of the USA such as China or Russia, you’re welcome to purchase our trove of documents.”


Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.