Workers’ Compensation Insurer Beacon Mutual Dealing With Ransomware Attack

Rhode Island-based Beacon Mutual Insurance Co. has experienced a data breach caused by a ransomware attack and is in the process of determining what information and persons may have been affected.

The workers’ compensation insurer said it received an alert on January 14, 2026, regarding suspicious activity on its network. In response, the company said it disconnected certain systems, launched a forensic investigation with external cybersecurity experts, and managed to restore operations by January 20.

The ransomware tracking site, Ransomware.Live, has posted information indicating that the threat group INC Ransom is claiming responsibility for the attack.

The INC Ransom leaked screenshot on the site claims that the breach affected 275 GB of uncompressed/internal files and confidential information including personally identifiable information (PII) of employees, claimants, and insured workers; internal financial statements, correspondence and operational content; detailed workers’ compensation claims data and medical records, and more.

A Beacon Mutual spokesperson confirmed it was a ransomware attack but could not confirm the identity of the attacker or what information may have been affected at this time.

“Yes, this was a ransomware attack,” Michelle Pelletier of the company’s communications team stated in an email. “To ensure the integrity of the ongoing investigation, we are not able to provide additional details at this time.”

She said the company has contacted the Federal Bureau of Investigation (FBI) and “will cooperate in their investigation.”

The company said it is also working with experts on an analysis of the potential data involved in the incident. If the investigation finds there was unauthorized access to or acquisition of personal information, the company said it will notify individuals whose information was involved.

Beacon Mutual, headquartered in Warwick, is the main provider of workers’ compensation insurance in Rhode Island. It also writes in Massachusetts and Connecticut. In 2024, it generated more than $118 million in revenue and employs about 100 people.

The company said it maintains a comprehensive information security program in keeping with recognized industry standards and it reviews and updates its safety measures as part of an ongoing risk management process.

“Like all organizations, Beacon operates within a dynamic threat environment in which security risks may arise despite reasonable and appropriate safeguards,” the company said on its website.

Last August, Farmers Insurance warned of a data breach that could impact more than one million customers. Last June Erie Insurance experienced a month-long network outage caused by a cyberattack but reported it was not a ransomware attacks and no data was breached. Around the same time, Philadelphia Insurance reported it was hit with a cyberattack that did not involve ransom and some data was stolen.

Topics
Carriers
Cyber
Workers’ Compensation
Talent