Continental Casualty Slapped With Suit Over Client Data Breach

Continental Casualty Co., a subsidiary of insurer CNA Financial Corporation, didn’t use basic security protections to protect its systems, leading to a November ransomware attack that exposed the personal information of a swath of current and former customers, a proposed class action said.

The casualty insurance company “willfully” and “recklessly” failed to protect its data systems from unauthorized access, according to a complaint filed Wednesday in the US District Court for the Northern District of Illinois. Plaintiffs estimate “thousands” of individuals’ data was stolen.

On Sept. 27, Infosys McCamish Systems LLC, which supports the insurer’s corporate and business ...