Menu Close

Arthur J. Gallagher disclosed that it was hit with a ransomware attack, prompting the world’s fourth-largest insurance broker by revenue to take its computer systems offline.

The Rolling Meadows, Illinois-based broker said in a securities filing late Monday that it is in “the process of restarting most of our business systems” after discovering the threat a few days ago. The incident affected Gallagher and Gallagher Bassett Services units.

“We promptly took all of our global systems offline as a precautionary measure, initiated response protocols, launched an investigation, engaged the services of external cybersecurity and forensics professionals, and implemented our business continuity plans to minimize disruption to our customers,” the broker said in the disclosure.

Gallagher said it is still in the early stages of assessing the incident, which it does not expect to have “a material impact on our business, operations or financial conditions.” Gallagher Bassett’s website remained offline and inaccessible amid a “system outage” as of Tuesday afternoon.

According to the report by, the attack highlights increasing risk financial firms face from hackers. Ransomware, a malicious software used to export payment by blocking a company or individual’s access to their data, is one of the most common types of cyberattacks and has grown in both size and scope in recent years.

While the frequency of new attacks have slowed by 18% in the first half of 2020, more hackers are finding success with their attacks and are making larger demands, according to a recent report by cyber insurance and security firm Coalition.

The company found that the average demand among its policyholders has doubled from 2019 through the first quarter of 2020 and increased 47% in the second quarter to more than $338,000, resulting in higher cyber losses for insurers.

Worsening the trend is the emergence of dangerous new strains of ransomware such as DoppelPaymer. The average size of ransom demands also vary sharply by malware strain.

Financial firms such as insurance carriers and brokers face a double threat, experts say. Not only do they write or sell cyber insurance, but they themselves are a popular target of hackers due to the large volume of personal information they handle.

Chubb, one of the largest carriers of cyber insurance as part of a policy package, was hit with a Maze ransomware attack in late March. Unlike other malware, Maze infects every computer in its path and not just an organization’s network, TechCrunch reported. A year earlier, Target sued Chubb for $74 million, alleging that the carrier did not properly compensate the retailer after a massive data breach in 2013.

At least 29 financial institutions worldwide including were targeted in ransomware attacks this year, according to the Carnegie Endowment for International Peace.