Phishing Alert Issued Following Cybersecurity Incident at Erie Insurance

One of America’s largest home and auto insurers has notified regulators and customers of a cybersecurity incident and related network outage.

Erie Insurance, part of the Fortune 500, employs over 7,000 staff and 14,000 agents, with its parent company, Erie Indemnity Company, posting revenue of nearly $4 billion last year. The company currently holds over six million active policies.

Recently, Erie Insurance informed customers about an “ongoing network outage” associated with a confirmed “information security event” detected over the weekend. The firm stated, “On Saturday, June 7, Erie Insurance’s information security team identified unusual network activity. We took immediate action to respond to the situation to safeguard our systems and data. Since Saturday, we have continued to take protective action for the security of our systems.”

During this outage, Erie Insurance emphasized that it would not call or email customers requesting payments. The company advised customers not to click on links from unknown sources or provide personal information via phone or email, indicating concern that cybercriminals might have access to customer data or potentially use the incident to launch phishing attacks.

A related SEC filing provided limited details but confirmed that law enforcement has been notified and the firm is continuing to follow its incident response protocols. “The company continues to take protective measures and is conducting forensic analysis with the assistance of leading third-party cybersecurity experts to gain a full understanding of this event,” the notice stated.

Given the recent nature of the event, the full scope, nature, and potential impact on the company are still under investigation. The network outage likely stems from internal efforts to contain the extent of the attack.

Insurers are increasingly targeted by cyberattacks due to the significant volumes of sensitive customer data they manage.