Overview
Farmers Insurance disclosed that personal data from more than 1.1 mn policyholders was accessed during a data breach at a third-party vendor.
The company confirmed the incident in state regulatory filings and began notifying affected customers.
A Farmers spokesperson said the exposure involved “only limited information from certain customers.”
The vendor’s monitoring systems detected the intrusion on May 30 and blocked the unauthorized access after containment measures were applied.
Following the notification, Farmers initiated its own review with internal and external cybersecurity teams. Investigators concluded that the breach did not compromise Farmers’ core systems. They also reported no evidence that the exposed information has been misused to date.
The carrier has since reassessed how its systems connect with the vendor, requiring compliance with updated security protocols. Farmers added that it is improving its own defenses by strengthening technology layers and tightening operational processes.
The company has begun contacting affected policyholders directly. Impacted customers will receive 24 months of free identity-monitoring and credit-protection services.
Security experts note that the case highlights how vendor integrations remain a weak link for large insurers. Even when internal networks stay intact, sensitive client data can still be exposed through partners with lower resilience.
Farmers Insurance Exchange and Farmers Group Inc., among the largest U.S. multiline insurers, join a growing list of carriers facing fallout from vendor-related cyber intrusions.
| Insurer | Time Frame | Breach Vector | Affected Data | Scale | Internal Systems |
| Farmers | May 2025 | Third-party vendor breach | Names, DOBs, DL numbers, partial SSNs | ~1.1 mn customers | Not breached |
| Allianz Life | July 2025 | CRM cloud/social engineering | PII of customers and staff | ~1.4 mn customers | Not breached |
| Aflac | June 2025 | Social engineering | SSNs, claims, health info | Undisclosed scale | Not breached |
Farmers Insurance Confirmed Over 1.1 mn Policyholders Exposed
Stored by a third‑party vendor, data on 1,071,172 customers—including names, birthdates, driver’s license numbers, and the last four digits of SSNs—was accessed via a breach discovered on May 30, 2025.
Farmers insists its core systems remained intact. They’ve initiated an investigation, offered 24 months of free identity monitoring, and tightened vendor and internal security protocols.
Allianz Life (July 2025): Biggest U.S. Life Insurer Hit This Summer
On July 16, Allianz Life—serving around 1.4 mn U.S. customers—fell victim to a breach via a third-party, cloud-based CRM. The attacker used social engineering to access customer, financial-professional, and some employee data.
Allianz quickly engaged the FBI, contained the attack, and began notifying those affected. The breach did not compromise internal systems, and Allianz is offering 24 months of identity protection.
According to a company statement, the attacker used a social engineering tactic to gain entry and extract personally identifiable information. The breach also affected financial professionals and some Allianz Life employees.
Allianz Life said it took immediate steps to contain the breach, launched an internal investigation, and notified the FBI. The insurer stated that its core systems—including the policy administration platform—remain unaffected.
The company is currently reaching out to affected individuals and continues to assess the full scope of the incident. Allianz clarified that the breach is limited to its U.S. operations.
The incident follows a separate June breach at Philadelphia Insurance Cos., according to a filing with the California Attorney General. That breach, discovered on July 9, exposed data such as names, birthdates, and driver’s license numbers.
Aflac (June 2025): Social Engineering Strike During Summer
Aflac reported detection of a breach on. The incident stemmed from a “Scattered Spider” social-engineering operation.
The attack emptied users’ SSNs, insurance claims, and health data—but Aflac remained operational and did not disclose total numbers impacted.
The attackers gained access using social engineering methods. Aflac stated it detected the suspicious activity within hours and immediately stopped the attack.
The company engaged a leading third-party cybersecurity firm to assist in the response and has launched a full review of potentially accessed data.
The files that may have been involved include sensitive information such as claims records, health data, Social Security numbers, and other personal details.
Aflac said the number of individuals potentially affected remains unknown until the file review is completed.
In response, Aflac has established a call center and is offering free credit monitoring and identity theft protection services to individuals who may be impacted.
