Farmers Insurance Exchange (and its subsidiaries) experienced a data breach after a vendor detected suspicious activity on May 29, 2025. The incident, linked to a broader cybercrime campaign targeting Salesforce environments, resulted in unauthorized access to customer data, including **names, addresses, dates of birth, driver’s license numbers**, and in some cases, the **last four digits of Social Security numbers**. A known cybercrime group claimed responsibility. While the breach was contained with law enforcement and cybersecurity expert support, the exposure of personally identifiable information (PII) poses risks of identity theft, fraud, and reputational harm. The breach is part of a coordinated attack affecting multiple industries, amplifying concerns over third-party vendor vulnerabilities. Affected customers received notification letters, and legal investigations are underway to assess liability and potential compensation for impacted individuals.
TPRM report: https://www.rankiteo.com/company/farmers-insurance
"id": "far3503135091925",
"linkid": "farmers-insurance",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Insurance',
'location': 'United States',
'name': 'Farmers Insurance Exchange',
'type': 'Insurance Company'}],
'attack_vector': 'Third-party vendor compromise (Salesforce environment)',
'customer_advisories': 'Notification letters sent to affected customers',
'data_breach': {'data_exfiltration': 'Likely (data accessed by threat actor)',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Partial Social Security '
'numbers']},
'date_detected': '2025-05-30',
'date_publicly_disclosed': '2025-09-18',
'description': 'Bragar Eagel & Squire, P.C. is investigating potential claims '
'against Farmers Insurance Exchange and its subsidiaries '
'regarding a data breach. The breach, detected on May 30, '
'2025, involved unauthorized access to customer information, '
'including names, addresses, dates of birth, driver’s license '
'numbers, and in some cases, the last four digits of Social '
'Security numbers. The incident is linked to a broader series '
'of cyberattacks targeting Salesforce environments by a known '
'cybercrime group.',
'impact': {'brand_reputation_impact': 'Potential (litigation investigation '
'underway)',
'data_compromised': ['Names',
'Addresses',
'Dates of birth',
'Driver’s license numbers',
'Last four digits of Social Security numbers '
'(in certain cases)'],
'identity_theft_risk': 'High (PII exposed)',
'legal_liabilities': 'Potential (investigation by Bragar Eagel & '
'Squire, P.C.)',
'systems_affected': ['Salesforce environments']},
'initial_access_broker': {'entry_point': 'Third-party vendor (Salesforce '
'environment)'},
'investigation_status': 'Ongoing (legal investigation by Bragar Eagel & '
'Squire, P.C.)',
'references': [{'date_accessed': '2025-09-18',
'source': 'GlobeNewswire (Bragar Eagel & Squire, P.C.)'},
{'source': 'Top Class Actions'}],
'regulatory_compliance': {'legal_actions': 'Potential litigation (under '
'investigation by Bragar Eagel & '
'Squire, P.C.)'},
'response': {'communication_strategy': 'Customer notification letters sent',
'containment_measures': 'Vendor’s monitoring tools contained the '
'incident',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes',
'third_party_assistance': ['Cybersecurity experts',
'Law enforcement']},
'stakeholder_advisories': 'Customers notified via letters; legal firm '
'encouraging affected individuals to contact them',
'threat_actor': 'Known cybercrime group (unnamed)',
'title': 'Farmers Insurance Data Breach (May 2025)',
'type': 'Data Breach'}