In the wake of recent cybersecurity disruptions, Erie Insurance has successfully restored online account access and bill payment services for its customers, marking a key milestone in its recovery process. However, the company continues to work on fully restoring its broader systems, including those used by local agents, claims adjusters, and customer support teams.
The network outage was initiated by Erie Insurance itself on June 7 as a precautionary step in response to a detected threat. The company emphasized once again that, based on its current investigation, no ransomware was involved, and there is no evidence of ongoing malicious activity by external actors.
While Erie has not confirmed any data breach, it acknowledged that a full assessment is still underway. “We are working diligently to identify what, if any, data may have been affected,” the company stated. The process of restoring internal operations is being conducted through a carefully planned and phased approach, with the aim of maintaining customer service as the highest priority.
Philadelphia Insurance Also Progressing Through Outage Recovery
Meanwhile, Philadelphia Insurance Companies (PHLY) is dealing with the aftermath of a separate but similar cybersecurity-related network shutdown, which occurred on June 9 after the company identified suspicious activity on its systems.
To prevent any potential spread of the threat, PHLY proactively disconnected its networks, which impacted various systems including email, telephone communications, and online applications.
Contrary to speculation, Philadelphia Insurance clarified that this was not a ransomware event, and that none of its systems were encrypted. “Despite some media reports, there was no encryption of data, and the incident did not involve ransomware,” the company confirmed.
Philadelphia reported that it has now restored most of its core operational systems, and that some employees across the country have regained access to internal tools, including email. However, the path to full system restoration is ongoing. “A full return to normal internal operations will take time, but we are working around the clock to get things back to normal for our agents and policyholders,” the insurer said.
Like Erie, Philadelphia has not reported a confirmed breach of customer data but stated that if it discovers any unauthorized access, it will promptly notify affected individuals and take the appropriate measures.
Broader Implications and Industry Concerns
Neither Erie nor Philadelphia Insurance has disclosed the origin or full scope of their respective cybersecurity events. However, outside experts are beginning to connect the dots. According to the Google Threat Intelligence Group, a well-known cybercriminal group known as Scattered Spider may be behind both incidents.
This group, known for its highly targeted and adaptive tactics, previously focused on retail and telecommunications, but appears to be shifting its attention toward the insurance sector. Scattered Spider has also been linked to a possible data breach involving insurer Aflac, though details remain limited.
Moving Forward: Vigilance and Restoration
The recent events at Erie and Philadelphia highlight the increasing cyber risk facing the insurance industry, particularly as these companies handle massive volumes of sensitive financial and personal data. While both insurers acted swiftly to contain the incidents and minimize impact, the ongoing disruptions are a stark reminder of the need for robust cybersecurity infrastructure and response protocols.
For now, Erie Insurance customers can once again access their accounts online and make payments, while broader service restorations continue. Philadelphia Insurance is also making progress, gradually restoring access to key systems and business operations.
Both companies reiterated their commitment to transparency, service continuity, and customer protection throughout the recovery process.