- The iPad I recommend to most users is only $299 right now
- One of the most versatile action cameras I've tested isn't from GoPro - and it's on sale
- Small Manufacturers, Big Target: The Growing Cyber Threat and How to Defend Against It
- Why I pick this JBL speaker over competing models for outdoor listening
- Testing a smart cooler proved I can never go back to toting ice (and it's on sale)
Phishing Alert as Erie Insurance Reveals Cyber “Event”
One of America’s largest home and auto insurers has notified regulators and customers of a cybersecurity incident and related network outage.
Fortune 500 business Erie Insurance employs over 7000 staff and 14,000 agents, with parent company Erie Indemnity Company posting revenue of close to $4bn last year. It currently boasts over six million active policies.
However, the firm warned customers yesterday of an “ongoing network outage” related to a confirmed “information security event” which was discovered last weekend.
“On Saturday, June 7, Erie Insurance’s information security team identified unusual network activity. We took immediate action to respond to the situation to safeguard our systems and data. Since Saturday, we have continued to take protective action for the security of our systems,” a notice on its website revealed.
“During this outage, Erie Insurance will not call or email customers to request payments. As is best practice, do not click any links from unknown sources or provide your personal information by phone or email.”
The latter suggests that the company is concerned that cybercriminals either have access to customer data and/or may use the incident itself to launch phishing attacks.
A related SEC filing had little else to say aside from the fact that law enforcement has been notified and that the firm continues to work through its incident response protocols.
“The company continues to take protective measures, and is conducting forensic analysis with the assistance of leading third-party cybersecurity experts to gain a full understanding of this event,” it noted.
“Given the recency of the event, the company’s investigation and response are ongoing, and the full scope, nature, and ultimate impact on the company are not yet known.”
While unclear, the network outage is most likely the result of internal efforts to contain the blast radius of the attack.
Insurers are a popular target for cyber-attack given the large volumes of sensitive customer data they hold.
Image credit: T. Schneider / Shutterstock.com
