Cyber Incident Victim: La Capitale Insurance
Date:
Dec 2020
Location:
Canada
Summary
A cyber attack disrupted online services for La Capitale Insurance and its partner SSQ Insurance, causing prolonged system paralysis. Specialists confirmed the incident involved ongoing attacks, leading to widespread interruptions in customer-facing platforms. Both organizations experienced significant operational impacts, including the suspension of telephone services and digital access points. The failure left users unable to engage with essential insurance portals, though specific technical details about the attack vector or responsible actors remained undisclosed. Service restoration timelines were not publicly communicated during the initial outage period.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 4, 2020, La Capitale Insurance and SSQ Insurance experienced a widespread computer failure that paralyzed their online services. The disruption began on Friday morning and persisted through at least Saturday evening, impacting customer access to critical digital and telephonic systems. Specialists investigating the incident publicly attributed the outage to an ongoing cyber attack, though no specific threat actor or attack vector was identified in initial reports. Patrick Mathieu, co-founder of the cybersecurity event Hackfest, corroborated the attack’s occurrence on Saturday evening, stating his team had learned of active attacks from a reliable source. Both insurers displayed service interruption notices on their websites, informing customers that online portals and telephone support channels were non-operational due to technical failures. The coordinated nature of the disruption across two major Quebec-based insurers suggested a targeted campaign rather than isolated incidents.
The incident directly impeded policyholders’ ability to conduct routine transactions, file claims, or seek assistance through standard channels. SSQ Insurance explicitly acknowledged the outage via its website, though neither organization disclosed the full operational scope or data compromise details at this initial stage. The prolonged duration—spanning multiple days—indicated significant infrastructure disruption requiring extended mitigation efforts. No ransomware claims, data exfiltration evidence, or restoration timelines were publicly confirmed during the immediate aftermath. The confirmation of a cyber attack by independent specialists established the event’s malicious origin, distinguishing it from routine technical outages. Service restoration progress and additional forensic findings were not detailed in the available reporting window.