A major cyberattack, suspected to be ransomware, has taken down VSK’s systems for a week, disrupting services for millions of customers.
Russian insurer hit by cyberattack causing service outages
Major Russian insurer facing widespread outages after cyberattack
Russian insurer VSK has spent a week attempting to restore services after a major cyberattack damaged its systems, knocking offline its website, mobile app and other services used by millions of customers.
One of Russia’s largest universal insurers, Moscow-based VSK serves about 33 million people and more than 500,000 businesses and provides property, transport, health, travel, cargo and corporate insurance.
While VSK has not detailed the full impact of the incident, customers have flooded its social media pages with complaints, saying they cannot buy car insurance, amend policies, obtain guarantee letters or book medical appointments. Some people said medical providers were refusing services because they were unable to verify coverage. Email services were also disrupted, with VSK urging clients to send inquiries by regular mail.
The company has not said who was behind the attack or what the hackers’ motive may have been. Russian cybersecurity specialists told local media the incident was likely a ransomware attack.
VSK publicly confirmed the incident on November 13, saying it had detected “a large-scale cyberattack” the day before and was working with external experts to restore systems.
“The incident affected only the performance of our IT infrastructure. The data of our customers and partners is safe,” the company said, adding that its physical offices remain open. It also warned that its corporate domain had been hijacked to redirect visitors to a fraudulent Telegram channel.
The attack comes amid a surge in cyber incidents affecting major Russian enterprises. Last week, Russian port operator Port Alliance reported a large-scale DDoS attack “from abroad” that hit key digital systems, allegedly in an attempt to disrupt coal and fertilizer shipments. In October, a cyberattack on Russia’s agricultural and food safety watchdog snarled food shipments nationwide. It remains unclear whether these incidents are politically or financially motivated.
Days after VSK disclosed its breach, pro-Russian hacker group NoName057(16) said it had launched DDoS attacks against several Ukrainian insurance companies. The group did not explicitly link the campaign to the attack on VSK, and it was unclear whether those targets experienced any operational disruptions.
