Cyberattack forces Rhode Island’s workers’ comp insurer offline | Insurance Business
It is the latest provider hit in a wave that’s already breached 49,400 records
Beacon Mutual, Rhode Island’s largest workers’ compensation insurer, has disclosed a cyberattack that forced it to disconnect systems for six days as unauthorized intruders accessed its network, the latest breach to hit an insurance sector facing escalating cyber threats and multimillion-dollar exposure.
The carrier detected suspicious activity on January 14 and confirmed unauthorized access had occurred, prompting an immediate shutdown of certain systems to contain the threat.
A forensic investigation with cybersecurity specialists remains ongoing to determine what information may have been compromised.
Beacon Mutual restored affected services January 20, stating they were brought back online safely and securely, though the company did not specify which systems or services were impacted during the disruption.
The insurer notified law enforcement and said it will inform individuals whose personal information may have been breached once the investigation provides clearer details.
The incident underscores the mounting financial risks insurers face from cyberattacks. The average cost of a data breach in the US reached $10 million in 2025, the US House Committee on Homeland Security reported, representing exposure that extends beyond reputational damage and regulatory scrutiny.
Beacon Mutual said in a statement that organizations operate within a dynamic threat environment where security risks may arise despite reasonable and appropriate safeguards. The company noted it regularly reviews and updates its security measures as part of its risk management process.
The timing and scope of breach notifications have drawn increased regulatory attention across the insurance sector. Montana regulators are pursuing enforcement action against Blue Cross Blue Shield Montana for a data breach tied to third-party vendor Conduent Business Services that affected up to 462,000 consumers.
The insurer was informed in January 2025 but did not file a formal breach report until October, raising questions about notification delays and vendor oversight obligations, regulatory filings show.
The incident adds to a growing list of cyberattacks targeting workers’ compensation providers. Personal identifying information for nearly 49,400 people was breached at Cove Risk Services, a workers’ compensation services provider, a notice filed with the Office of the Maine Attorney General revealed.
Beacon Mutual operates as a mutual insurance company and has served as Rhode Island’s residual market carrier for workers’ compensation coverage. The company did not indicate whether ransom demands were made or whether any data was exfiltrated from its systems.
The carrier has not disclosed how many policyholders or claimants might be affected by the breach.
Related Stories
