Breach taxonomy
Summary
On June 7, 2025, Erie Indemnity Company identified unusual network activity determined to be an information security event. The company activated incident response protocols, took immediate protective measures, notified law enforcement, and engaged third-party cybersecurity experts for forensic analysis. The full scope, nature, and impact of the event were not yet known as of filing date. Filed under Item 8.01; materiality not yet determined as of filing date.
Tagging rationale
ThreatUnknown
Filing does not attribute the incident to a specific actor → UNKNOWN.
MethodsMalware
Filing describes unusual network activity requiring containment and forensic analysis; no specific method confirmed → MALWARE (general network intrusion).
AssetsConfidential Biz
Filing describes unusual network activity at a major insurance company with no confirmed data access; corporate network/business systems implicated → CONFIDENTIAL-BIZ.