Beacon Mutual Faces Ransomware Attack: Impact on Workers’ Compensation Insurance

Beacon Mutual Insurance Co., based in Rhode Island, has recently fallen victim to a significant data breach resulting from a ransomware attack. The company is currently assessing the extent of the breach and identifying the individuals and information that may have been compromised.

On January 14, 2026, Beacon Mutual received an alert regarding suspicious activity within its network. In response, the company promptly disconnected certain systems and initiated a forensic investigation with the help of external cybersecurity experts. By January 20, Beacon Mutual had managed to restore its operations.

According to Ransomware.Live, a ransomware tracking site, the threat group known as INC Ransom has claimed responsibility for the attack. The group has reportedly leaked a screenshot indicating that the breach involved 275 GB of uncompressed internal files and sensitive information. This includes personally identifiable information (PII) of employees, claimants, and insured workers, as well as internal financial statements, correspondence, operational content, detailed workers’ compensation claims data, and medical records.

A spokesperson for Beacon Mutual confirmed the occurrence of a ransomware attack but refrained from disclosing the identity of the attacker or the specific information that may have been compromised. Michelle Pelletier, a member of the company’s communications team, stated in an email, “Yes, this was a ransomware attack. To ensure the integrity of the ongoing investigation, we are not able to provide additional details at this time.”

Beacon Mutual has reached out to the Federal Bureau of Investigation (FBI) and is committed to cooperating with their investigation. The company is also collaborating with cybersecurity experts to analyze the potential data involved in the incident. Should the investigation reveal unauthorized access to or acquisition of personal information, Beacon Mutual has pledged to notify the affected individuals.

Headquartered in Warwick, Beacon Mutual is the primary provider of workers’ compensation insurance in Rhode Island, with additional operations in Massachusetts and Connecticut. In 2024, the company reported revenues exceeding $118 million and employs around 100 people.

Beacon Mutual maintains a comprehensive information security program that adheres to recognized industry standards, regularly reviewing and updating its safety measures as part of an ongoing risk management process. The company stated on its website, “Like all organizations, Beacon operates within a dynamic threat environment in which security risks may arise despite reasonable and appropriate safeguards.”

In recent months, the insurance industry has faced several cyber threats. Last August, Farmers Insurance reported a data breach potentially affecting over one million customers. Additionally, Erie Insurance experienced a month-long network outage due to a cyberattack in June, although it confirmed that no data was breached. Around the same time, Philadelphia Insurance reported a cyberattack that did not involve ransom, but some data was stolen.

Topics
Carriers
Cyber
Workers’ Compensation
Talent

Beacon Mutual Insurance Co., based in Rhode Island, has recently fallen victim to a significant data breach resulting from a ransomware attack. The company is currently assessing the extent of the breach and identifying the individuals and information that may have been compromised.

On January 14, 2026, Beacon Mutual received an alert regarding suspicious activity within its network. In response, the company promptly disconnected certain systems and initiated a forensic investigation with the help of external cybersecurity experts. By January 20, Beacon Mutual had managed to restore its operations.

According to Ransomware.Live, a ransomware tracking site, the threat group known as INC Ransom has claimed responsibility for the attack. The group has reportedly leaked a screenshot indicating that the breach involved 275 GB of uncompressed internal files and sensitive information. This includes personally identifiable information (PII) of employees, claimants, and insured workers, as well as internal financial statements, correspondence, operational content, detailed workers’ compensation claims data, and medical records.

A spokesperson for Beacon Mutual confirmed the occurrence of a ransomware attack but refrained from disclosing the identity of the attacker or the specific information that may have been compromised. Michelle Pelletier, a member of the company’s communications team, stated in an email, “Yes, this was a ransomware attack. To ensure the integrity of the ongoing investigation, we are not able to provide additional details at this time.”

Beacon Mutual has reached out to the Federal Bureau of Investigation (FBI) and is committed to cooperating with their investigation. The company is also collaborating with cybersecurity experts to analyze the potential data involved in the incident. Should the investigation reveal unauthorized access to or acquisition of personal information, Beacon Mutual has pledged to notify the affected individuals.

Headquartered in Warwick, Beacon Mutual is the primary provider of workers’ compensation insurance in Rhode Island, with additional operations in Massachusetts and Connecticut. In 2024, the company reported revenues exceeding $118 million and employs around 100 people.

Beacon Mutual maintains a comprehensive information security program that adheres to recognized industry standards, regularly reviewing and updating its safety measures as part of an ongoing risk management process. The company stated on its website, “Like all organizations, Beacon operates within a dynamic threat environment in which security risks may arise despite reasonable and appropriate safeguards.”

In recent months, the insurance industry has faced several cyber threats. Last August, Farmers Insurance reported a data breach potentially affecting over one million customers. Additionally, Erie Insurance experienced a month-long network outage due to a cyberattack in June, although it confirmed that no data was breached. Around the same time, Philadelphia Insurance reported a cyberattack that did not involve ransom, but some data was stolen.

Topics
Carriers
Cyber
Workers’ Compensation
Talent