First Insurance Company of Hawaii (FICOH), a sister company of Philadelphia Insurance Companies and part of the Tokio Marine Group, is responding to a network outage linked to unauthorized access of its systems.
The incident also affected other Tokio Marine units, including Philadelphia Insurance and Tokio Marine America.
In a joint statement, the companies said the outage was a deliberate action to contain a cyber threat and protect internal systems and data. The companies reported that the disruption broadly impacted all core systems.
"We are still conducting a comprehensive forensic investigation . . . and we are working to restore full functionality," the Tokio Marine companies said, according to a report from AM Best.
A spokesperson confirmed that FICOH’s outage began concurrently with Philadelphia Insurance’s, following the June 9 incident. While most business systems have since been restored, internal operations have not yet returned to pre-incident levels. The group indicated that full recovery will take time.
"We are working around the clock to get things back to normal for our agents and policyholders. We continue to support claims and agents with new and current accounts," the companies said. They added that customers will be notified if any personal data is confirmed to have been compromised.
Cybersecurity analysts have drawn links between these incidents and the hacker group known as Scattered Spider. The group is known for social engineering tactics, including impersonating employees to gain access to internal networks.
Philadelphia Insurance Companies, which reported its own system disruption beginning June 9, continues to assess the impact of the cyberattack across its operations. The company is coordinating efforts with law enforcement and cybersecurity experts as part of its ongoing recovery and investigation process.
Just days before, Erie Insurance experienced a similar outage caused by suspicious network activity detected on June 7. That event, which disrupted systems used for customer service and policy administration, has prompted concerns about a broader campaign targeting US insurers.
Meanwhile, Aflac was also affected by a cyberattack on June 12, reportedly linked to the same threat actor. While the company said the breach was contained within hours and did not cause widespread operational disruption, it acknowledged that sensitive customer data may have been exposed.
What are your thoughts on this story? Please feel free to share your comments below.
