Farmers Insurance has confirmed that a cyberattack on a third-party vendor has exposed the personal information of over one million of its customers. The breach, which was discovered on May 30, 2025, involved an unauthorized actor accessing a database maintained by an unnamed vendor that held sensitive customer data.
The compromised information includes customers’ names, addresses, dates of birth, driver’s license numbers, and the last four digits of their Social Security numbers. The company began notifying affected individuals on August 22, 2025, and is offering two years of free identity theft protection services to those impacted.
The incident highlights the growing risks associated with third-party vendors in the financial and insurance sectors. According to sources, this attack is part of a wider campaign targeting organizations that use Salesforce, a popular customer relationship management platform. The cybercriminal group ShinyHunters and its affiliates are believed to be behind the attacks, which exploit vulnerabilities to steal data and then use it for extortion.
Farmers Insurance, a subsidiary of the Zurich Insurance Group, stated that upon being alerted by the vendor, it immediately launched a complete investigation and notified law enforcement. While there is no evidence that the stolen data has been misused, the company is urging customers to be cautious of phishing attempts and other scams.
This data breach is the latest in a series of cyberattacks that have plagued the insurance industry this year, underscoring the critical need for robust cybersecurity measures not only within companies but also across their entire supply chain of vendors and partners.
