Hemic Data Breach: Social Security Numbers Exposed

Hawaii Employers' Mutual Insurance Company Inc. (Hemic), a workers' compensation insurer based in Honolulu, disclosed a data breach that occurred in early 2026.

On or about Feb. 3, 2026, Hemic became aware of suspicious activity within its computer network. The company launched an investigation with the help of cybersecurity specialists to determine the nature and scope of the activity.

The investigation found that an unknown actor accessed a limited segment of Hemic's network on Feb. 2, 2026. During this unauthorized access, files were copied and potentially viewed.

The types of personal information that may have been exposed include names, Social Security numbers and health records.

The total number of people affected across the United States has not been disclosed. So far, four Maine residents, four Massachusetts residents and two Vermont residents were identified as affected. Hemic began notifying affected consumers in writing on May 13, 2026.

Hemic's response to the breach

Hemic is offering affected individuals complimentary credit monitoring and identity restoration services through Experian IdentityWorks at no cost. Depending on the state the affected individual resides in, the company offered 12 months or 24 months of coverage. Affected individuals can enroll at the Experian IdentityWorks website by Aug. 31, 2026.

The Experian IdentityWorks membership includes credit monitoring, identity restoration support, Experian credit reports and $1 million in identity theft insurance. Identity restoration assistance is available immediately and does not require enrollment.

Hemic has set up a dedicated toll-free assistance line at 1-866-566-1941, available Monday through Friday from 8 a.m. to 5 p.m. Hawaii Standard Time, excluding U.S. holidays. Affected individuals may also write to Hemic at P.O. Box 3376, Honolulu, HI 96801.

Steps to take if your information was exposed

• Place a fraud alert or credit freeze on credit files by contacting Equifax (1-888-298-0045), Experian (1-888-397-3742) or TransUnion (1-833-799-5355), since Social Security numbers were among the data potentially compromised.
• Request free credit reports at AnnualCreditReport.com and review them for unfamiliar accounts or inquiries.
• Review health-related statements carefully for any unfamiliar medical claims or services, since health records were among the types of information potentially exposed.
• Watch for phishing attempts that reference Hemic or this data breach by name, as scammers often exploit breach notifications to trick people into sharing more personal information.
• Report suspected identity theft to the Federal Trade Commission at IdentityTheft.gov or by calling 1-877-438-4338.