Network Outage
Thank you to our policyholders and agency partners for your patience during our network outage. We’re making steady progress restoring our systems:
- My Policy online payment portal is now available
- Billing and Customer Service call centers reopen Monday, 6/30 at 8am
- Claims can continue to be reported by calling 808.527.7711, 800.272.5202 (toll-free), or emailing claimsreportsdesk@ficoh.com
- Agency Portal and Agency Support Center are now available.
We’re doing everything we can to ensure you continue to receive the service and support you rely on. However, some services remain limited while we work to restore normal operations. We will keep you updated as we complete our service recovery activities.
Overview
Late on June 9th, our Information Security Team received an alert regarding suspicious activity on our network. We subsequently determined there was unauthorized access to our systems. In response, we proactively disconnected affected systems to contain the threat.
Contrary to some media reports, no systems were encrypted, and this was not a ransomware event. The event also did not involve email or any transmission of malware. We are working with law enforcement and cybersecurity experts. Our forensic investigation remains ongoing.
Below, you will find more helpful information. We encourage you to contact our call centers if we can support you in any way.
Frequently Asked Questions
- What happened?
Late on Monday, June 9, our Information Security Team received an alert regarding suspicious activity on our network. In response, we chose to disconnect the network to contain the threat. The network shutdown caused a disruption to our operations, which we are in the process of resolving. We have reported the incident to law enforcement and have engaged third-party forensic experts to assist us. Contrary to media reports, no systems were encrypted, and this was not a ransomware event.
- When did it happen?
The incident occurred late on Monday, June 9, into the early morning hours of Tuesday, June 10. In response, our IT Security Team proactively initiated a network shutdown. Our investigation remains ongoing.
- Is the incident contained?
Yes, we have transitioned from containment of the threat to recovery of our business operations.
- Which systems are impacted?
The network shutdown broadly impacted all Company systems. The network shutdown was necessary to contain the threat and protect Company systems and data. We are still conducting a comprehensive forensic investigation. At this point, all of our systems have been secured and we are working to restore full functionality.
- When will systems be restored?
Most of our core business systems have been restored. A full return to normal internal operations will take time, but we are working around the clock to get things back to normal for our agents and policyholders.
- Was any of my data accessed or acquired?
Our investigation remains ongoing and if we determine that customer data was accessed, we will advise those whose information was involved.
- What will you be doing to prevent this type of incident from happening again?
The Company is already taking steps to further strengthen its defenses and reduce the risk of future threats.
- When and how will you tell us more?
The Company will continue to provide updates and information as it becomes available. Please continue to check our website for additional details.
- Is there anything I should do?
Bad actors sometimes attempt to take advantage of this type of situation. While this incident did not involve our email system or any form of malware transmission, it is always good to exercise caution when receiving any unsolicited emails or phone calls asking for personal information. Customers should not click on links from unknown sources. If a customer receives a call or other correspondence that seems suspicious, we urge them not to provide any information.