IDT Solutions AS under scrutiny for possible insurance fraud – InfoDesk AS drawn in after cyberattack

Reaction from the insurance company and InfoDesk AS' role
InfoDesk AS, which was a subcontractor for the web designer behind the WooCommerce solution, was also drawn into the case through the insurance company's recourse notice. InfoDesk AS published an early article about the incident, in which it questioned how the case was being handled. Following this, IDT Solutions AS quickly hired the law firm Advokatfirmaet BAHR AS to demand that the article be removed. At the same time, the lawyers claimed that it was the insurance company itself that had recommended the switch to Magento as a replacement for the infected WooCommerce platform. This despite the fact that work on the Magento solution was, as noted, already under way before the attack. - Open Info has been given access to this documentation.

Disputed cost estimate
Another point that has attracted attention is the cost associated with cleaning up after the malware attack. InfoDesk AS stated early on that cleaning up an infected online store would normally have taken a few working hours and incurred costs of between 5,000 and 6,000 kroner. This stands in stark contrast to the insurance claim of 600,000 kroner that IDT Solutions AS has put forward.

Jason Gordon, an IT security expert from the company Intruig Inc, who has reviewed the files and logs from the case, supports this assessment.

– "Our analyses of the actual material we received from InfoDesk AS show that cleaning up after an attack of this kind would normally have required a few hours' work and incurred a cost of around 5,000 to 6,000 kroner," Gordon states. "The fact that IDT Solutions AS has put forward a claim of 600,000 kroner, without clear signs of damage that extensive, gives grounds for suspicion. We often see attempts to exaggerate the extent of the damage in such cases, and this bears the hallmarks of insurance fraud."

Gordon further points out that IDT Solutions AS itself may have been responsible for many of the problems it now faces, and points here to the logs that have been extracted and analysed.

IDT Solutions AS refused to pay its web designer
Further concerns about IDT Solutions AS' business practices have emerged after the company refused to pay the web designer who was hired to develop the WooCommerce solution. The web designer chose to send the claim to debt collection, and the case ended up before the Conciliation Board, where the web designer won a clear-cut victory. This incident casts a sharp light on the company's attitude towards its partners and could potentially be an indicator of how IDT Solutions AS handles its obligations.

No comment from the parties involved
Open Info has repeatedly attempted to obtain comments from IDT Solutions AS, Crawford, Fremtind Forsikring, and the law firm representing IDT Solutions AS. All parties have declined our requests for statements. The lawyers representing IDT Solutions AS have, however, previously claimed that the insurance company approved the switch to Magento, but have not commented on the allegations that work on the Magento solution started before the malware attack.

The way forward
The case between IDT Solutions AS and its subcontractors is still under investigation. Should Fremtind / Crawford succeed with its recourse claim, it could impose significant financial consequences on InfoDesk AS and the web designer. Open Info will continue to follow developments closely.

Related content:
- IDT Solutions AS submitted a sky-high insurance claim after a malware attack
- Case study: IDT Solutions hit by a malware attack
– Insurance fraud and cyber attacks in Norway
– The responsibility of hosting companies in cybersecurity