Beacon Mutual Insurance Co. Ransomware Attack Compromises 131,000 Rhode Islanders' Data
Beacon Mutual Insurance Co., Rhode Island's largest workers' compensation insurer, disclosed that highly sensitive personal information belonging to over 131,000 Rhode Islanders was compromised in a ransomware attack earlier in the year. An unauthorized person gained access to the company's system between January 7th and January 14th, accessing files containing names, Social Security numbers, driver's license numbers, financial account numbers, health insurance information, and/or medical treatment details.
Signal context
First seen: May 27, 2026
Last updated: Jun 24, 2026
Status: Public signal
Key points
- Ransomware attack occurred between January 7th and January 14th, 2026.
- Over 131,000 Rhode Islanders affected.
- Compromised data includes names, SSNs, driver's license numbers, financial account numbers, health insurance, and medical treatment information.
Signal analysis
BetaThis analysis groups the signal by industry, likely incident action and impacted security area. It helps compare this signal with other published signals without treating the labels as final determinations.
Sector: Finance and Insurance
Likely country: Location not provided
Watch ransomware, endpoint compromise and business interruption exposure.
- Source type: outside the affected organization
Impact area: Confidentiality, Availability
Likely asset: User or customer data
- 14 signals in the same sector
- 69 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
Cybercrime Wire For May 27, 2026. Beach Mutual Breach Hits 131K Rhode Islanders. WCYB Digital Radio.https://www.youtube.com/watch?v=dQw4w9WgXcQPublic source from youtube.com.
Biggest Cyber Attacks, Data Breaches, Ransomware Attacks of May 2026https://www.cybermanagementalliance.com/biggest-cyber-attacks-data-breaches-ransomware-attacks-may-2026/Public source from cybermanagementalliance.com.
Related signals
Grouped by why the signal is relevant.
Cl0p Ransomware Group Exploits Oracle E-Business Suite Zero-Day
The Cl0p ransomware group launched a large-scale extortion campaign by exploiting a zero-day vulnerability (possibly CVE-2025-61882) in Oracle's E-Business Suite (EBS). This led to critical data breaches for dozens of large corporations, with over 100 companies allegedly impacted. The exploitation activity was observed as early as August 9, 2025, weeks before a patch was available, and suspicious activity dated back to July 10, 2025. The threat actors exfiltrated a significant amount of data from impacted organizations and sent high-volume emails to executives demanding payment.
Fluke Corporation data breach impacts over 18,000, Clop claims responsibility
Fluke Corporation notified over 18,000 people of a data breach that occurred between August 10 and October 7, 2025. The breach, resulting from an exploited vulnerability in a third-party application, compromised highly sensitive personal information including SSNs, birth dates, and disability status. The Clop ransomware group claimed responsibility.
Tampa Bay Dental Implants & Prosthetics discloses ransomware attack and data exposure
Tampa Bay Dental discovered unauthorized access to its network on January 19, 2026, when ransomware was used to encrypt files on a legacy server containing a backup of electronic medical records. Patient data, including names, contact information, birth dates, treatment notes, clinical histories, and for some, Social Security numbers, was exposed.
Vikor Scientific (Vanta Diagnostics) Data Breach Affects 140,000 Patients via Vendor
On February 23, 2026, U.S.-based healthcare diagnostic company Vikor Scientific (rebranded as Vanta Diagnostics) disclosed a data breach that compromised the personal information of 139,964 individuals. The incident stemmed from a security incident at one of its revenue cycle management vendors, Catalyst RCM, where an unauthorized login occurred between November 8-9, 2025. The Everest ransomware group claimed responsibility for the attack.
University of Mississippi Medical Center Hit by Ransomware Attack
In February 2026, the University of Mississippi Medical Center (UMMC) experienced a ransomware attack that forced the closure of most of its clinics and the cancellation of elective procedures. The attack impacted its IT network and many systems, including its Epic electronic medical record system. UMMC confirmed contact with the attackers, but the name of the group was not disclosed initially, though later reports attributed it to Medusa ransomware.
Texas Parks and Wildlife Department data breach exposes over 3 million driver's licenses
The Texas Parks and Wildlife Department (TPWD) disclosed a data breach at its license system vendor that exposed personal information for more than three million individuals. The compromised data included driver's license information, passport numbers, email addresses, phone numbers, and residential addresses. Social Security Numbers, dates of birth, or financial information were not impacted.