Ransomware Attack on Insurance Agency Marketing Services by MoneyMessage

Victim Overview

Insurance Agency Marketing Services (IAMS) is a company dedicated to providing support and back office services to agents in the insurance industry. They specialize in life insurance and annuities, supporting independent producers throughout the country. With a company size ranging from 11 to 50 employees, IAMS stands out for its commitment to service, integrity, and professionalism in the insurance sector.

Attack Details

The recent ransomware attack on IAMS was claimed by the MoneyMessage ransomware group. The attack, discovered on January 2024, involved a leak of 126GB of data. This breach exposed sensitive information of the company and potentially put their operations at risk.

Ransomware Group Overview

MoneyMessage is a relatively new and insidious ransomware group known for its stealth and double extortion tactics. The group encrypts files without appending any file extensions, making it challenging for victims to identify the encrypted data. They are also known for using a C++ encryptor with an embedded JSON configuration file, enhancing their stealth capabilities.

Company Vulnerabilities

Given IAMS's focus on supporting insurance agents and handling sensitive client data, they are vulnerable to ransomware attacks like the one carried out by MoneyMessage. The group's ability to resist detection and their double extortion strategy pose significant risks to companies like IAMS, emphasizing the importance of robust cybersecurity measures.

Sources

• Avira - Understanding the Rising Threat of MoneyMessage Ransomware
• BreachSense - Insurance Agency Marketing Services Data Breach
• IAMS Privacy Policy
• Twitter - FalconFeedsio
• IAMS Careers