California Casualty Indemnity Exchange, an insurance provider serving educators, law enforcement, firefighters, and nurses, suffered a data breach discovered on November 5, 2025. An unauthorized individual accessed its IT network between September 2–8, 2025, copying files containing sensitive personally identifiable information (PII) including names, Social Security numbers, dates of birth, driver’s license/state ID numbers, tax IDs, and financial account details. The breach exposed at least five individuals (two in Maine, three in Massachusetts) to risks of identity theft and financial fraud. The company isolated affected systems, engaged a third-party cybersecurity firm, and notified law enforcement. In response, it offered 24-month complimentary Experian IdentityWorks memberships (credit monitoring, identity theft detection, and restoration) to affected policyholders, alongside a dedicated call center for breach-related inquiries. Regulatory filings confirm the incident involved unauthorized data exfiltration of customer PII, though no ransomware was reported. Affected individuals were advised to monitor accounts, obtain credit reports, and consider fraud alerts or security freezes.
Source: https://www.claimdepot.com/data-breach/california-casualty-2025
California Casualty cybersecurity rating report: https://www.rankiteo.com/company/california-casualty
"id": "CAL5692756112025",
"linkid": "california-casualty",
"type": "Breach",
"date": "9/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'At least 5 (2 in Maine, 3 in '
'Massachusetts)',
'industry': 'Financial Services (Insurance)',
'location': 'California, USA',
'name': 'California Casualty Indemnity Exchange',
'type': 'Insurance Company'}],
'attack_vector': 'Unauthorized Network Access',
'customer_advisories': ['Notification letters with instructions for '
'activating Experian IdentityWorks.',
'Guidance on monitoring accounts, obtaining credit '
'reports, and placing fraud alerts/security freezes.'],
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': 'At least 5 (exact total '
'unspecified)',
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (includes SSNs, financial '
'account numbers, and '
'government-issued IDs)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Financial Data']},
'date_detected': '2025-11-05',
'date_publicly_disclosed': '2025-11-19',
'description': 'California Casualty Indemnity Exchange, a customer-owned '
'insurance company serving educators, law enforcement, '
'firefighters, and nurses, experienced a data breach exposing '
'sensitive personal information of some policyholders. '
'Unauthorized access to the company’s IT network occurred '
'between Sept. 2 and Sept. 8, 2025, with the breach discovered '
'on Nov. 5, 2025. The compromised data included PII such as '
'names, Social Security numbers, dates of birth, driver’s '
'license numbers, tax IDs, and financial account numbers, '
'putting affected individuals at risk of identity theft or '
'financial fraud. The company responded by isolating systems, '
'launching an investigation with third-party cybersecurity '
'assistance, and notifying law enforcement. At least five '
'individuals (two in Maine and three in Massachusetts) were '
'confirmed affected. The company offered 24-month '
'complimentary memberships to Experian IdentityWorks for '
'credit monitoring and identity theft protection.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive PII',
'data_compromised': ['Names',
'Social Security Numbers',
'Dates of Birth',
'Driver’s License or State Identification '
'Numbers',
'Tax Identification Numbers',
'Financial Account Numbers'],
'identity_theft_risk': 'High (due to exposure of PII)',
'operational_impact': 'Isolation of certain IT systems during '
'investigation',
'payment_information_risk': 'Moderate (financial account numbers '
'exposed)'},
'initial_access_broker': {'high_value_targets': 'Policyholder PII and '
'financial data'},
'investigation_status': 'Completed (as of Nov. 5, 2025)',
'ransomware': {'data_exfiltration': True},
'recommendations': ['Affected individuals should activate complimentary '
'Experian IdentityWorks memberships.',
'Regularly review account statements and credit reports '
'for suspicious activity.',
'Consider placing fraud alerts or security freezes on '
'credit files.',
'Report suspicious activity to the Federal Trade '
'Commission (FTC) and local law enforcement.'],
'references': [{'source': 'State Attorney General Filings (California, Maine, '
'Massachusetts)'},
{'date_accessed': '2025-11-19',
'source': 'California Casualty Indemnity Exchange Breach '
'Notification Letters'}],
'regulatory_compliance': {'regulatory_notifications': ['State Attorneys '
'General (California, '
'Maine, '
'Massachusetts)']},
'response': {'communication_strategy': ['Written notification letters mailed '
'to affected consumers (starting Nov. '
'19, 2025)',
'Advisories for affected individuals '
'to review account statements, obtain '
'free credit reports, and consider '
'fraud alerts/security freezes'],
'containment_measures': 'Isolation of certain IT systems',
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'recovery_measures': ['Complimentary 24-month Experian '
'IdentityWorks memberships (credit '
'monitoring, identity theft detection, and '
'restoration)',
'Dedicated toll-free call center for '
'breach-related inquiries'],
'third_party_assistance': 'Cybersecurity firm (unspecified)'},
'threat_actor': 'Unauthorized Individual',
'title': 'California Casualty Indemnity Exchange Data Breach (2025)',
'type': 'Data Breach'}