Farmers Insurance confirms breach | Fox News

Data breaches are no longer just a problem for the tech industry. They’ve become a constant across every sector, from airlines to banks to fashion brands, exposing personal data and leaving customers worried about where their information might end up. Insurance companies, sitting on mountains of sensitive details, are no exception. The latest to join the list is Farmers Insurance. The U.S. insurer confirmed that more than 1.1 million customers were affected in a breach linked to the Salesforce attacks that have swept through major organizations this year, stealing customer databases and fueling a growing wave of extortion attempts.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM/NEWSLETTER 

DIOR DATA BREACH EXPOSES US CUSTOMERS’ PERSONAL INFORMATION

What you need to know about the Farmers Insurance breach

Farmers Insurance has confirmed a data breach impacting more than 1.1 million customers. The incident is tied to the ongoing wave of Salesforce-related cyberattacks that have hit major companies this year.

In a notice published on its website, the U.S. insurance giant said the breach occurred on May 29, 2025, through one of its third-party vendors. Farmers serves over 10 million households nationwide. It offers auto, home, life, and business insurance through a vast network of agents and subsidiaries.

« On May 30, 2025, one of Farmers’ third-party vendors alerted Farmers to suspicious activity involving an unauthorized actor accessing one of the vendor’s databases containing Farmers’ customer information, » the company wrote in its advisory.

According to the company, the vendor’s monitoring tools detected the intrusion quickly, allowing containment measures to be taken. Farmers said it immediately launched an investigation, notified law enforcement, and worked to determine the scope of the breach.

The investigation revealed that the stolen data included customer names, addresses, dates of birth, and driver’s license numbers. In some cases, the last four digits of Social Security numbers. Farmers began notifying affected individuals on Aug. 22, with a filing to the Maine Attorney General’s Office confirming that 1,111,386 customers were impacted.

While Farmers did not publicly name the vendor involved, reports indicate that the breach is part of the larger Salesforce data theft campaign carried out by threat actors this year.

ALLIANZ LIFE INSURANCE DATA BREACH EXPOSES 1.4 MILLION AMERICANS

The Salesforce data theft campaign

The Salesforce attacks have been ongoing since early 2025. Researchers attributed them to a threat actor cluster tracked as UNC6040/UNC6240. The intrusions typically begin with voice phishing (vishing) calls, where employees are tricked into approving a malicious OAuth application linked to their company’s Salesforce instance.

Once connected, attackers siphon customer relationship management (CRM) databases and use the stolen data in extortion attempts. The cybercrime group ShinyHunters has claimed responsibility, according to BleepingComputer. The group claims that the attacks involve overlapping threat groups, including members of the notorious Scattered Spider gang.

« Like we have said repeatedly already, ShinyHunters and Scattered Spider are one and the same, » a representative told the publication. « They provide us with initial access, and we conduct the dump and exfiltration of the Salesforce CRM instances. Just like we did with Snowflake. »

The Salesforce campaign has affected a growing list of high-profile companies, including Google, Cisco, Workday, Adidas, Qantas, Allianz Life and luxury brands under LVMH such as Louis Vuitton, Dior, and Tiffany & Co.

GOOGLE CONFIRMS DATA STOLEN IN BREACH BY KNOWN HACKER GROUP

Farmers Insurance response

In response to CyberGuy’s inquiry, a Farmers Insurance spokesperson shared the following statement:

« At Farmers, protecting our customers’ information is our top priority. We recently discovered that an unauthorized third party briefly accessed a vendor’s system that contained some Farmers’ customer information. The incident involved only limited information from certain customers. An investigation-conducted with both internal and external security experts-found no evidence that the exposed data has been misused, nor any indication that Farmers’ own systems were compromised. We are contacting affected individuals directly and are providing support resources, including complimentary credit monitoring. »

8 ways you can stay safe after a data breach

If your personal information has been exposed in the Farmers data breach, take the steps below immediately to limit the damage, protect your identity, and prevent future fraud.

1) Invest in a data removal service

You can’t undo the damage once hackers have accessed your data. However, you can limit the fallout by investing in a data removal service. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice.  They aren’t cheap, and neither is your privacy.  These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites.  It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet.  By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

2) Use identity theft protection services

Your Social Security number or other sensitive data may have been exposed in the data breach. Identity Theft companies can monitor personal information, such as your Social Security Number (SSN), phone number, and email address, and alert you if it is being sold on the dark web or used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

3) Enable two-factor authentication (2FA)

Turn on 2FA for your email, banking, and insurance logins. Even if a hacker has your password, 2FA requires a second verification step, like a code sent to your phone, making unauthorized access much harder.

4) Be wary of phishing and follow-up scams

After a data breach, attackers often follow up with phishing emails or phone calls. They pretend to be from your insurance company or a support service. Don’t click on links in unsolicited messages, and verify any claims through official channels before responding. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com.

5) Freeze your credit right away

Put a credit freeze on your files with Equifax, Experian and TransUnion. This stops criminals from opening new accounts in your name. It’s free, easy to set up, and you can lift the freeze temporarily when needed.

6) Update your passwords now

Change your passwords for all important accounts. Start with email, financial, and health-related logins. Use strong, unique passwords for each account. Consider using a password manager, which securely stores and generates complex passwords, reducing the risk of password reuse.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials. 

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

7) Check your accounts for strange activity

Look for any signs of identity misuse, like:

• Unknown charges
• Logins from unfamiliar devices
• New accounts or lines of credit you didn’t open

Early detection makes a big difference.

8) Report identity theft fast

If someone is misusing your identity, go to IdentityTheft.gov. This government site provides step-by-step help and generates the letters and reports you’ll need to stop the fraud.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

Data breaches keep hitting companies we trust, and Farmers Insurance is the latest reminder. Even when the stolen data hasn’t been misused yet, the risk lingers long after the headlines fade. That’s why it’s so important to stay alert, protect your identity, and take simple steps now. By acting today, you put yourself in control, not the hackers.

Do incidents like this make you reconsider which companies you do business with? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com.  All rights reserved.