Breach cyber

Lemonade, Inc.

Apr 1, 2023 1 min read
Lemonade, Inc.

Lemonade, Inc. suffered a data breach reported by the California Attorney General, where unauthorized access exposed driver’s license numbers of identifiable individuals. The incident occurred between April 2023 and September 2024, though the breach was formally disclosed on April 11, 2025. While the exposed data included sensitive personal identifiers (driver’s license numbers), there is currently no confirmed misuse of the compromised information. The breach highlights vulnerabilities in Lemonade’s data protection measures, raising concerns over potential identity theft or fraud risks for affected individuals. The company has not provided details on the attack vector, but the exposure of government-issued identification numbers categorizes this as a significant data leak with potential long-term repercussions for customer trust and regulatory compliance.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-601295

TPRM report: https://www.rankiteo.com/company/lemonade-inc-

"id": "lem742082025",
"linkid": "lemonade-inc-",
"type": "Breach",
"date": "4/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Insurance (Insurtech)',
                        'location': 'California, USA',
                        'name': 'Lemonade, Inc.',
                        'type': 'Corporation'}],
 'data_breach': {'data_exfiltration': 'Likely',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High (Personally Identifiable '
                                        'Information)',
                 'type_of_data_compromised': 'Driver’s license numbers'},
 'date_publicly_disclosed': '2025-04-11',
 'description': 'The California Attorney General reported that Lemonade, Inc. '
                'experienced a data breach where driver’s license numbers were '
                'likely exposed between April 2023 and September 2024. The '
                'breach was reported on April 11, 2025, and involved '
                "unauthorized access to identifiable individuals' driver’s "
                'license numbers, although no misuse has been confirmed.',
 'impact': {'data_compromised': ['Driver’s license numbers'],
            'identity_theft_risk': 'Potential (no confirmed misuse)'},
 'investigation_status': 'Ongoing (no confirmed misuse as of disclosure)',
 'references': [{'source': 'California Attorney General Report'}],
 'regulatory_compliance': {'regulatory_notifications': ['California Attorney '
                                                        'General']},
 'title': 'Lemonade, Inc. Data Breach Involving Driver’s License Numbers',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.