Hemic Data Breach: Social Security Numbers Exposed

Hawaii Employers' Mutual Insurance Company Inc. (Hemic), a workers' compensation insurer based in Honolulu, disclosed a data breach that occurred in early 2026.

On or about Feb. 3, 2026, Hemic became aware of suspicious activity within its computer network. The company launched an investigation with the help of cybersecurity specialists to determine the nature and scope of the activity.

The investigation found that an unknown actor accessed a limited segment of Hemic's network on Feb. 2, 2026. During this unauthorized access, files were copied and potentially viewed.

The types of personal information that may have been exposed include names, Social Security numbers and health records.

The threat actor known as SilentRansomGroup reportedly targeted Hemic on Feb. 27, 2026, potentially compromising protected health and personal information.

The total number of people affected across the United States has not been disclosed. So far, four Maine residents, four Massachusetts residents, three Indiana residents and two Vermont residents were identified as affected. Hemic began notifying affected consumers in writing on May 13, 2026.

Hemic's response to the breach

Hemic is offering affected individuals complimentary credit monitoring and identity restoration services through Experian IdentityWorks at no cost. Depending on the state the affected individual resides in, the company offered 12 months or 24 months of coverage.

Affected individuals can enroll at the Experian IdentityWorks website by Aug. 31, 2026.

Hemic has set up a dedicated toll-free assistance line at 1-866-566-1941, available Monday through Friday from 8 a.m. to 5 p.m. Hawaii Standard Time, excluding U.S. holidays. Affected individuals may also write to Hemic at P.O. Box 3376, Honolulu, HI 96801.