Farmers Insurance has revealed that a data breach has affected the personal information of over 1 million customers. The company made this announcement following filings with state regulators and a notice on its website.
This incident was disclosed late last week. Farmers Insurance, which serves about 10 million households and manages 19 million insurance policies across the United States, offers various products, including auto, property, life, and commercial insurance. The company employs around 48,000 agents and 21,000 staff members nationwide.
Separate notifications were issued by Farmers New World Life Insurance and its parent company, Farmers Group, which is part of Zurich Insurance Group. The notification to the Maine Attorney General’s Office indicated that 40,000 individuals were affected through Farmers New World Life Insurance. Meanwhile, a filing from Farmers Group reported that 1,071,172 people were impacted overall.
The breach did not directly target Farmers Insurance. Instead, the company learned from a third-party vendor on May 30 that unauthorized access had occurred to a database containing customer information. Investigations revealed that the attacker accessed and took certain data just a day before the breach was discovered.
According to the security notice posted on the Farmers Insurance website, the compromised data includes names, addresses, dates of birth, driver’s license numbers, and the last four digits of Social Security numbers. The notification samples provided to state authorities were redacted for privacy.
This breach comes during a time of increased cyber activity in the insurance sector. Other major insurance companies, such as Aflac, Erie Insurance, and Philadelphia Insurance, have also reported cyber incidents recently.
It remains uncertain whether the third-party vendor was the victim of a ransomware attack. Farmers Insurance has not disclosed the name of the vendor involved, and it has not been confirmed if the vendor’s name has appeared on any ransomware leak sites.
Farmers Insurance has stated that it takes the privacy and security of customer information seriously. The company is working closely with law enforcement and cybersecurity experts as part of its response to the breach. They are also offering support to those affected and have notified the relevant authorities as required by law.
In related news, Allianz Life Insurance Company of North America recently faced a significant breach that led to a class action lawsuit over insufficient customer data protection. Similarly, Gallagher reached a $21 million settlement after a 2020 data breach exposed personal information of millions.
As the insurance industry grapples with these challenges, customers are encouraged to stay informed and take precautions to protect their personal information.