Erie Insurance has reported significant progress in restoring various business systems and applications after an ongoing network disruption that has now lasted 17 days. The insurer stated that the network and system outage, which was initiated on June 7, played a critical role in containing an emerging security threat. However, Erie clarified that there is currently “no evidence of ransomware” and that there are no indications of continued malicious activity from external actors.
At this point, Erie has not confirmed any data breach but emphasized that it is “actively working to determine if any data may have been compromised.” The company continues to investigate the event, referring to it as a “security incident,” with efforts to assess the full scope still ongoing.
In a similar scenario, another Pennsylvania-based insurer, Philadelphia Insurance Companies, is still grappling with the fallout from its own network outage, now stretching into its 15th day. Philadelphia Insurance reported that it had disconnected its systems on June 9 after detecting suspicious activity. The outage has impacted a variety of services, including phone lines, email, and online applications.
The company has firmly stated that, “contrary to some media reports, no systems were encrypted, and this incident is not a ransomware attack.” Nevertheless, it acknowledged that the incident significantly disrupted normal operations. While many of the insurer’s core business systems have been restored, some Philadelphia Insurance employees across the country are still working to regain access to essential systems like email. The company assured its clients and employees, stating that a return to full operational capacity will take time, but it is working diligently around the clock to restore normalcy for both agents and policyholders.
If it is determined that any customer data was accessed or compromised, Philadelphia Insurance has pledged to notify affected individuals accordingly.
Although neither Erie nor Philadelphia Insurance has provided details on the origin or scale of their cybersecurity issues, the Google Threat Intelligence Group has reported that the hacker group known as Scattered Spider appears to have shifted its focus from retail targets to insurance companies. According to the group, Scattered Spider is likely responsible for both the Erie and Philadelphia Insurance breaches, as well as a suspected data breach involving insurer Aflac.
For its part, Erie Insurance is already facing two class action lawsuits, with plaintiffs alleging that a ransomware group infiltrated the insurer’s network and triggered a data breach. These lawsuits further complicate the situation as Erie continues its investigation into the security incident.
It’s encouraging to see both Erie and Philadelphia Insurance working together to restore the networks. The collaboration should hopefully speed up recovery efforts and minimize disruptions. The communication between these companies seems transparent, which is reassuring for those affected.
Weeks later, and it’s still a relief to see these two companies prioritizing network restoration. Hopefully, they’ll be able to prevent future outages and offer additional support to customers in the meantime. Fingers crossed for a speedy recovery!
It’s good to know that Erie and Philadelphia Insurance are keeping the momentum going, but it’d be helpful to get more frequent updates. Many of us are still waiting for full restoration, and clear timelines would help manage expectations.