Particle.news
Download on the App Store
8 ARTICLES
·
2d ago

Farmers Insurance Says Third-Party Breach Exposed About 1.1 Million Customers

Investigators point to unauthorized access at a vendor’s database, with outside reporting linking the theft to a vishing-driven Salesforce campaign.

The Farmers Insurance logo is displayed at company headquarters on August 29, 2023 in Woodland Hills, California
Image
Image
Image

Overview

  • State filings place the impact at roughly 1.07–1.11 million people, including about 40,000 tied to Farmers New World Life and the rest to Farmers Insurance Exchange, Farmers Group, and affiliates.
  • The vendor’s database was accessed on May 29 and flagged on May 30, and Farmers began mailing notification letters to affected customers on August 22.
  • Exposed information includes names, addresses, dates of birth, driver’s license numbers, and in some cases the last four digits of Social Security numbers.
  • Farmers reports no evidence of misuse of the data or compromise of its own systems and is providing 24 months of free credit monitoring through Cyberscout/Soniq.
  • Security reporting links the incident to a broader Salesforce-targeting wave that uses vishing and malicious OAuth app authorizations, with groups such as ShinyHunters and Scattered Spider reported to be involved.