Erie Insurance reports that it has made progress in reconnecting several business systems and applications as it continues to recover from a network outage that is now 17 days old.
The insurer said the network and system outage it initiated on June 7 helped contain a threat. According to the insurer, “there is no evidence of ransomware and no indication of ongoing threat actor activity.”
It has not yet acknowledged any data breach but said it is “working diligently to identify what, if any, data may have been affected.” The investigation of what it is calling a “security incident” is ongoing.
Meanwhile, another Pennsylvania insurer, Philadelphia Insurance Companies, is continuing its efforts to restore systems following its network outage that is now entering its 15th day.
Philadelphia Insurance said it disconnected its systems to contain the threat from suspicious activity it detected on June 9. Phone, email, and online applications have been affected by the outage.
Philadelphia said that “contrary to media reports, no systems were encrypted, and this was not a ransomware event.”
The insurer said most of its core business systems have been restored. Some Philadelphia employees across the country have regained some access to key systems, including email. “A full return to normal internal operations will take time, but we are working around the clock to get things back to normal for our agents and policyholders,” the insurer said.
If it determines that customer data was accessed, Philadelphia said it will advise those whose information was involved.
Insurance Sector Should Be on the Lookout for ‘Scattered Spider’ Hackers
While neither insurer has spoken of the source or extent of its cybersecurity incident, Google Threat Intelligence Group has said that the hacking group known as Scattered Spider appears to have switched focus from retailers to insurance companies, and is likely behind the Erie and Philadelphia events, as well as a possible data breach at insurer Aflac.
Erie already faces two class action lawsuits that claim a ransomware group accessed the insurer’s network and there was a data breach.
Was this article valuable?
Here are more articles you may enjoy.
Erie Insurance Facing 2 Class Actions Claiming Data Breach 
Insurance Sector Should Be on the Lookout for ‘Scattered Spider’ Hackers 
‘Abolishing FEMA’ Memo Outlines Ways for Trump to Scrap Agency 
US Homeowners Insurance Rates Rose 40.4% in Six Years, Report Shows 
