'We apologise:" One Call finally admits cyber attack as investigation deepens

Doncaster insurance firm One Call has apologised and finally admitted that it was the victim of a cyber attack –more than week after its systems were taken down by suspected Russian hackers.

Thursday, 20th May 2021, 4:35 pm

Thousands of customers have been left in the dark since last Thursday after cyber criminals hacked into the Black Bank firm’s systems and demanded a ransom, with suggestions the company’s database had been compromised with customer bank details, passwords, policies, email addresses and other personal details reportedly put at risk.

Angry staff accused the firm of covering-up the extent of the attack, believed to be by an Eastern European cybercrime network called DarkSide that targets victms with ransoms and extortion.

Now One Call has apologised and confirmed that it is co-operating with the police and other authorities following the incident which it described as ‘a ransomware attack from a criminal organisation.’

Sign up to our daily newsletter

The i newsletter cut through the noise

Doncaster's One Call Insurance has admitted that it was hacked.

Read More

Read More
Leaked One Call staff messages confirm 'cyber security' incident as major crime ...

A spokesman said: “On May 13, we began experiencing some disruption to our IT systems and immediately hired a dedicated team of IT forensic specialists to help restore our systems and investigate what happened.

"We prioritised the restoration of our customer services systems in an entirely new and secure environment, meaning that all existing customers are receiving the normal support.

"The specialists confirmed that the disruption was the result of a ransomware attack, from a criminal organisation who are under investigation by the authorities.

“Our IT forensic specialists have launched an extensive investigation to assess the full scope of the incident.

"This investigation is at early stages, and therefore there are still many unknowns including whether any data was impacted in the incident.

"We have already notified the Information Commissioner’s Office and other regulators as a precautionary measure, and we will of course be complying with our regulatory requirements as we continue to respond to this incident.

“We apologise for the temporary disruption and any frustration caused."

It comes as the probe into the cyber attack deepens, with financial regulatory body the Financial Conduct Authority joining the police’s Yorkshire and the Humber Regional Organised Crime and the Information Commissioner's Office in investigating.

A brief statement from the FCA said: “We are aware of the issue and are in direct contact with the firm.”

According to staff insiders, DarkSide are understood to have sent a message to the firm’s computers announcing: “Welcome to the DarkSide” and demanding cash.

The hacking is understood to have taken place late last Wednesday night or in the early hours of last Thursday morning, with employees finding their PCs had been infected when they logged on to start work.