Wealth Management Firm Avoids $250K Claim
Through swift action and robust backup protocols, the firm avoided what could have been a $250,000+ ransomware claim when a compromised VPN account was found for sale on the dark web.
Case study overview
A wealth management firm generating $500M in annual revenue across multiple business units faced a significant threat when a potential ransomware situation emerged. Their ongoing collaboration with the Cyber Risk Services Team equipped them with the necessary tools and strategies to effectively manage the crisis.
The challenge
Corvus received an urgent alert from one of its threat intel sources. A threat actor had compromised a VPN associated with the firm and was selling access to other criminals on the dark web. The firm needed to act quickly to prevent a potential ransomware attack.
Corvus' response
Revoking access: The compromised VPN account was disabled to prevent further unauthorized access.
Investigation: The firm took the VPN offline for investigation and discovered that the threat actor had gained access through a payroll account with a weak password after trying various combinations in a “brute-force” attack.
Enhancing security: The Corvus expert guided the firm in implementing Multi-Factor Authentication (MFA) on its VPN accounts to bolster security against future breaches.
Results
Once a threat actor sells access, a ransomware group is likely to strike within days. Thanks to the swift actions taken by the Cyber Risk Services Team, the firm mitigated an incident that could have escalated into a $250,000+ ransomware claim and instead contained it to just a $3,000 expense.
The timely intervention not only prevented a potential crisis but also ensured that business operations continued with minimal downtime. No customer data was lost, so no reporting requirements were triggered that could have led to reputational harm. The incident underscored the importance of continuous risk management and the value of preparedness in the face of evolving cyber threats.