Farmers Insurance

A data breach at Farmers Insurance, discovered via a third-party vendor, exposed the personal information of over **1.07 million customers**. The incident occurred on **May 29–30, 2025**, when an unauthorized actor accessed a vendor’s database containing Farmers’ customer records. The compromised data included **names, addresses, dates of birth, driver’s license numbers, and the last four digits of Social Security numbers**. The breach was detected through monitoring tools, prompting containment measures, including blocking unauthorized access. Farmers launched an investigation, confirming on **July 24, 2025**, that customer data had been accessed and acquired. Affected individuals were notified starting **August 22, 2025**, with offers of **24 months of free credit monitoring and identity protection services**. While no evidence suggested further data exposure, the breach highlights vulnerabilities in third-party vendor security, raising concerns over potential identity theft or fraud for impacted policyholders. The incident aligns with a broader trend of cyber threats targeting U.S. insurers in 2025.

Source: https://www.carriermanagement.com/news/2025/08/25/278778.htm

TPRM report: https://www.rankiteo.com/company/farmers-insurance

"id": "far433082825",
"linkid": "farmers-insurance",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '1,071,172',
                        'industry': 'Insurance',
                        'location': 'United States',
                        'name': 'Farmers Insurance Exchange',
                        'type': 'Insurance Provider'},
                       {'customers_affected': '1,071,172',
                        'industry': 'Insurance',
                        'location': 'United States',
                        'name': 'Farmers Group Inc.',
                        'type': 'Insurance Holding Company'},
                       {'name': 'Unnamed Third-Party Vendor',
                        'type': 'Service Provider'}],
 'attack_vector': 'Third-party vendor compromise (unauthorized database '
                  'access)',
 'customer_advisories': ['Written notices with credit monitoring offer',
                         'Helpline for eligibility checks'],
 'data_breach': {'data_exfiltration': 'Yes (unauthorized access and '
                                      'acquisition confirmed)',
                 'number_of_records_exposed': '1,071,172',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High (PII with identity theft risk)',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)',
                                              'Partial Social Security Numbers '
                                              '(last 4 digits)',
                                              'Driver’s license numbers']},
 'date_detected': '2025-05-30',
 'date_publicly_disclosed': '2025-08-22',
 'description': 'A data breach at Farmers Insurance, detected via a '
                'third-party vendor, exposed personal information of over 1.07 '
                'million policyholders. The breach involved unauthorized '
                'access to a vendor’s database containing customer data, '
                'including names, addresses, dates of birth, driver’s license '
                'numbers, and the last four digits of Social Security numbers. '
                'Farmers launched an investigation, notified law enforcement, '
                'and offered 24 months of free credit monitoring to affected '
                'individuals.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'exposure of 1M+ customer records',
            'data_compromised': ['Name',
                                 'Address',
                                 'Date of birth',
                                 'Driver’s license number',
                                 'Last four digits of Social Security number'],
            'identity_theft_risk': 'High (PII exposed)',
            'systems_affected': ['Third-party vendor database']},
 'initial_access_broker': {'entry_point': 'Third-party vendor database',
                           'high_value_targets': ['Customer PII']},
 'investigation_status': 'Completed (as of 2025-07-24)',
 'post_incident_analysis': {'root_causes': ['Third-party vendor security '
                                            'vulnerability']},
 'references': [{'source': 'Farmers Insurance Breach Notice (Website)'},
                {'source': 'Maine Attorney General Notification'}],
 'regulatory_compliance': {'regulatory_notifications': ['Maine Attorney '
                                                        'General']},
 'response': {'communication_strategy': ['Written notices to affected '
                                         'individuals (sent ~2025-08-22)',
                                         'Public disclosure via website and '
                                         'Maine AG notification',
                                         'Dedicated helpline (1-833-426-6809)'],
              'containment_measures': ['Blocked unauthorized access to vendor '
                                       'database'],
              'incident_response_plan_activated': 'Yes',
              'law_enforcement_notified': 'Yes',
              'recovery_measures': ['24 months of free Cyberscout credit '
                                    'monitoring for affected individuals'],
              'third_party_assistance': 'Yes (vendor containment measures)'},
 'threat_actor': 'Unauthorized actor (unknown)',
 'title': 'Farmers Insurance Data Breach Impacting Over One Million Customers',
 'type': 'Data Breach'}