Excerpt from Bleeping Computer Article, Published on August 25, 2025
Farmers Insurance has disclosed a significant data breach impacting approximately 1.1 million customers after an unauthorized actor accessed a third-party vendor’s database where customer information was stored. The breach, which occurred on May 29, 2025, was detected by monitoring tools that quickly alerted both the vendor and Farmers Insurance, allowing containment efforts to be executed promptly. Following the discovery, Farmers Insurance launched a comprehensive investigation and involved law enforcement authorities to assess the full scope of the incident.
According to the investigation, the stolen data includes customers’ names, addresses, dates of birth, driver’s license numbers, and the last four digits of Social Security numbers. Notifications have been sent to affected individuals starting August 22, 2025. Although Farmers Insurance did not reveal the name of the third-party vendor, reports indicate that the breach resulted from a large-scale cyberattack campaign targeting Salesforce customers globally. These attacks involve sophisticated social engineering methods leading to unauthorized access.
Farmers Insurance serves millions of households across the U.S., and this breach has raised concerns about the cybersecurity of sensitive customer data handled through third-party providers. The attack shares characteristics with other high-profile data thefts involving major companies such as Google, Cisco, and Adidas. This incident underscores the increasing risks linked to vendor ecosystems and the importance of rigorous security measures in cloud-based services like Salesforce.
To delve deeper into this topic, Bleeping Computer original article.
