Philadelphia Indemnity Insurance Company has confirmed that customer information was exposed during a cyber incident that occurred in June. The company shared the update through a recent filing with California’s Attorney General, marking the latest in a growing number of attacks targeting the insurance sector.
The breach was traced back to a period between June 9 and June 10, when an unauthorized individual gained access to parts of the company’s systems. Although the incident was initially referred to as a network outage, a closer look revealed that certain personal details belonging to customers had been accessed and stolen.
According to the company’s investigation, which concluded about a month later on July 9, the compromised information included customers’ full names, birth dates, and driver’s license numbers. So far, the company has not revealed how many individuals were affected or who might be responsible for the breach.
Philadelphia Indemnity stated that no ransomware was used, and no files were encrypted during the incident. However, to better understand what happened and assess the damage, the company hired independent cybersecurity experts and reported the situation to law enforcement.
This breach comes at a time when cyberattacks targeting insurance companies appear to be on the rise. Security researchers have recently linked several similar incidents to a known hacking group called "Scattered Spider," although Philadelphia Indemnity has not confirmed any connection to that group in this case.
Other companies in the industry, including Aflac and Erie Insurance, also reported data breaches in June, suggesting a broader trend of insurance providers being targeted.
As of now, Philadelphia Indemnity has not issued a public statement beyond the regulatory filing and did not respond to requests for further comment.
The incident is a wake up call regarding the growing risks in the digital ecosystem and the importance of strong cybersecurity, especially for organizations that manage sensitive personal data. Customers are advised to monitor their accounts for unusual activity and consider taking precautionary steps like credit monitoring or identity theft protection.
