Commitments and Contingencies

9 Months Ended

Sep. 30, 2021

Commitments and Contingencies [Abstract]

Commitments and Contingencies

10. Commitments and Contingencies

CNA Data Breach-related Contingency

As previously disclosed, CNA sustained a sophisticated cybersecurity attack in March of 2021 involving ransomware. CNA’s investigation revealed that an unauthorized third party copied some personal information relating to certain current and former employees, contractor workers and their dependents and certain other persons, including some policyholders. In July of 2021, CNA provided notifications to the impacted individuals and to regulators, in accordance with applicable law. CNA may be subject to subsequent investigations, fines or penalties, as well as other legal claims and actions, related to the foregoing. The likelihood is reasonably possible, but the amount of such fines, penalties or costs, if any, cannot be estimated at this time.

Based on the information currently known, CNA does not believe that the March 2021 cybersecurity attack will have a material impact on its business, results of operations or financial condition, but no assurances can be given as it continues to assess the full impact from the incident, including costs, expenses and insurance coverage.

CNA Guarantees

CNA has provided guarantees, if the primary obligor fails to perform, to holders of structured settlement annuities issued by a previously owned subsidiary. As of September 30, 2021, the potential amount of future payments CNA could be required to pay under these guarantees was approximately $1.6 billion, which will be paid over the lifetime of the annuitants. CNA does not believe any payment is likely under these guarantees, as CNA is the beneficiary of a trust that must be maintained at a level that approximates the discounted reserves for these annuities.