CNA Financial
CNA Financial, the seventh-largest commercial insurer in the United States, reveals that in March 2021, it was the target of a ransomware attack and had paid $40 million to a group named Phoenix two weeks after a trove of company data was stolen, and CNA officials were locked out of their network. The CNA hackers used malware called Phoenix Locker, a variant of ransomware dubbed "Hades." Hades was created by a Russian cybercrime syndicate known as Evil Corp., according to cybersecurity experts. In December 2019, the Treasury Department announced sanctions on 17 individuals and six entities linked to Evil Corp. The designation by the Treasury Department made it illegal for a U.S. company to knowingly pay a ransom to Evil Corp.
Sources: Bloomberg FOX Business