• United States



by Dave Gradijan

Insurance Firm Shuts Down Website After Hack

Jul 24, 20072 mins
CSO and CISOData and Information Security

Australian insurance company AAMI shut down its website on Friday as a precaution against hackers.

The hackers, believed to be Turkish, accessed a supplementary database on the AAMI website containing media information, including public relations media releases and Q&A fact sheets.

As a consequence, customers coming into the main AAMI site were redirected to an unrelated overseas site that spouted political statements concerning the Middle Eastern conflict.

Once alerted, AAMI closed down the site to investigate the security breach.

“At no time was any customer information or details accessed whatsoever because it sits on a completely separate infrastructure to our website. So in no way could they have accessed our customer information,” said Rob Whelan, AAMI national manager of corporate affairs.

“What we gather from information filtering through to us now is that this group is a Turkish group fairly renowned for this sort of thing and they tend to just want to get a particular propaganda message across. They’re not necessarily interested in accessing information,” he said.

No concrete information is forthcoming on why AAMI in particular was targeted. Yet Whelan speculates that perhaps the group viewed the large insurance company as a strong brand in Australia.

“We’re very comfortable with our customer data security; it’s that particular media information database on the website that we’ll be looking at,” says Whelan, adding that customers will shortly be receiving a message via their website explaining what occurred and the steps AAMI is taking to address it.

— Sharon Springell, Computerworld Australia