Financial Services / Commercial Property & Casualty Insurance / B2B via independent agencies / United States (20 states + DC)
Sarasota-based commercial property-and-casualty and workers' compensation insurer serving businesses through independent agents in 20 states.
The Breach Risk Index (BRI) is a proprietary 0–100 score rating how dangerous a breach is right now, based on how recently the data has been circulating on the dark web and how valuable it is to attackers.
On or about June 28, 2026, FCCI Insurance Group was compromised in a Redact ransomware and extortion intrusion that began with voice-phishing (vishing) and session-hijacking to bypass multi-factor authentication. Roughly 118,000 records are in circulation through the actor's leak channel. Reporting indicates names and Social Security numbers among the exposed data; the company did not enumerate the full field set.
Full threat analysis, exploitation vectors, and principal guidance below.
10 additional sections · verified field analysis · defensive doctrine
118k rows records analyzed
FCCI Insurance Group is a Sarasota, Florida commercial property-and-casualty insurer founded in 1959 as a workers' compensation self-insurance fund for local employers. It now writes commercial auto, general liability, property, umbrella, workers' compensation and surety bonds with related risk-control services, distributed exclusively through independent agencies across 20 states and Washington, D.C. The carrier holds roughly $2.8 billion in assets and about $1 billion in direct written premium and is rated A (Excellent) by A.M. Best.
As a workers'-compensation and commercial-lines carrier, FCCI holds policyholder and claimant records that routinely include names, Social Security numbers, and injury, employment and claims information, alongside agent and insured-business data. This is high-sensitivity identity and financial information gathered in the ordinary course of underwriting and claims administration.
FCCI disclosed the incident in mid-2026 and continues to operate as an A-rated regional carrier, notifying affected individuals following the intrusion.
A workers'-compensation carrier breach exposes claimants and insured employees who never dealt with the attacker directly, creating notification and regulatory obligations across FCCI's 20-state footprint and potential litigation. Because Social Security numbers are implicated, affected individuals face elevated identity-theft exposure that typically drives credit-monitoring offers and state attorney-general reporting.
A financial-institution breach: account, wealth or payment data supports direct fraud and highly credible financial-impersonation scams. For a high-profile principal the main risk is credible impersonation and enrichment of existing exposure.
Motivation: Unknown
A handle/label appearing as a claimed breach source. No substantive public threat-intelligence reporting was confirmed; treat as unverified pending corroboration.
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation