Erie Insurance says it has made meaningful progress in restoring several business systems and applications, as it continues recovering from a network outage now in its 17th day.
The insurer reported that the network and system shutdown initiated on June 7 was effective in containing the threat. According to the insurer, “there is no evidence of ransomware and no indication of ongoing threat actor activity.”
It has not yet acknowledged any data breach but said it is “working diligently to identify what, if any, data may have been affected.” The investigation of what it is calling a “security incident” is ongoing.
Philadelphia Insurance Companies, also headquartered in Pennsylvania, remains focused on restoring systems as it navigates the 15th day of its network outage.
Philadelphia Insurance reported that it proactively disconnected its systems on June 9 after detecting suspicious activity, in an effort to contain the threat. The outage has impacted phone, email, and online applications.
Philadelphia said that “contrary to media reports, no systems were encrypted, and this was not a ransomware event.”
The insurer reported that most of its core business systems have been restored, with some employees across the country regaining access to key platforms, including email. “A full return to normal internal operations will take time, but we are working around the clock to get things back to normal for our agents and policyholders,” the insurer said.
Philadelphia Insurance stated that if it confirms any customer data was accessed, it will notify all individuals whose information may have been affected.
Although neither insurer has disclosed the source or scope of their cybersecurity incidents, Google’s Threat Intelligence Group reports that the hacking group known as Scattered Spider has shifted its focus from retailers to insurance firms. The group is believed to be responsible for the attacks on Erie and Philadelphia Insurance, as well as a potential data breach involving Aflac.
Erie is already facing two class action lawsuits alleging that a ransomware group gained access to its network, resulting in a data breach.
