Stolen information included customer names, addresses, dates of birth and last four digits of Social Security numbers. (Credit: NicoElNino/Adobe Stock)
Farmers Insurance recently disclosed a data breach that may have leaked sensitive information of more than 1 million individuals.
In a disclosure filed with the Maine Attorney General’s Office a few days ago, Farmers said one of its third-party providers detected unauthorized access to a database containing Farmers customer information in May.
The attacker stole data including customer names, addresses, dates of birth and last four digits of Social Security numbers. The breach affected 1,111,386 individuals.
"On May 30, 2025, one of Farmers' third-party vendors alerted Farmers to suspicious activity involving an unauthorized actor accessing one of the vendor's databases containing Farmers customer information,” Farmers said in a data breach notification on its website. "The third-party vendor had monitoring tools in place, which allowed the vendor to quickly detect the activity and take appropriate containment measures, including blocking the unauthorized actor. After learning of the activity, Farmers immediately launched a comprehensive investigation to determine the nature and scope of the incident and notified appropriate law enforcement authorities."
Farmers started notifying affected individuals on August 22. It is offering 24-months of an identity protection service for free to those impacted.
Farmers did not name the third-party provider, but tech site Bleeping Computer reported that the vendor was Salesforce. Salesforce has been plagued by data theft attacks this year, with breaches impacting companies like Google, Cisco and Allianz Life.
Attackers have been using voice phishing, or vishing, to convince employees of Salesforce customer companies to link a malicious app with their company’s Salesforce account. They can then download the company’s databases and extort it via email.
The extortion emails come from a cybercrime group called ShinyHunters, Bleeping Computer reports. The group told Bleeping Computer that the attacks are being committed by multiple groups though, working together.
The group says it is a part of Scattered Spider, the cybercrime group that has been targeting insurance companies this summer. “ShinyHunters and Scattered Spider are one and the same,” it told Bleeping Computer.
© Touchpoint Markets, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.