Erie Insurance has reported a cybersecurity incident involving unusual network activity discovered on June 7, 2025.
The company is now working with federal law enforcement and external cybersecurity firms to investigate and contain the breach.
The disclosure was made in an 8-K filing with the U.S. Securities and Exchange Commission submitted yesterday. According to it, Erie activated its internal incident response protocols immediately after detecting the anomaly. Although details remain limited, the company confirmed that the suspicious activity was determined to be an “information security event,” prompting the involvement of third-party digital forensic experts.
Erie Insurance, based in Erie, Pennsylvania, operates through Erie Indemnity Company and serves as the attorney-in-fact for the Erie Insurance Exchange. The firm supports a network of more than 13,000 licensed independent agents across 12 U.S. states and the District of Columbia. As a Fortune 500 company managing nearly $8 billion in direct written premiums, Erie plays a critical role in underwriting, sales support, and policy administration services for its network of insurers.
While Erie has not yet disclosed the method or vector of compromise, the company emphasized that its forensic review is ongoing. No statements were made regarding potential data exfiltration, operational disruptions, or whether customer or employee information was accessed. The impact on business operations and financial performance is currently unknown.
Meanwhile, in a notice published on its website, Erie Insurance warns visitors of scam attempts that may target them, taking advantage of the situation.
“During this outage, Erie Insurance will not call or email customers to request payments. As is best practice, do not click on any links from unknown sources or provide your personal information by phone or email. Contact your agent directly if you have questions about your policy.” – Erie Insurance
The company's filing cautions investors and the public that the ultimate scope and consequences of the incident may evolve. Erie flagged potential legal, reputational, and financial ramifications and noted that additional risks could materialize if more system intrusions are discovered.
In the absence of specific technical details, Erie Insurance partners should follow standard response measures such as resetting account credentials, implementing stricter access controls, and reviewing logs for suspicious activity on their accounts or environment.
The situation remains fluid and subject to change as further forensic analysis is conducted.
CyberInsider has not found any announcements on major ransomware extortion sites claiming responsibility for the attack.
Leave a Reply