
Farmers Insurance Data Breach Impacts 1.1 Million People After Salesforce Attack

(Monday August 25, 2025 @11:30PM (BeauHD) from the another-day-another-breach dept.)


Farmers Insurance [1]disclosed a breach affecting 1.1 million customers after attackers exploited Salesforce in a widespread campaign involving ShinyHunters and allied groups. According to BleepingComputer, the hackers stole personal data such as names, birth dates, driver's license numbers, and partial Social Security numbers. From the report:

> The company disclosed the data breach in an advisory on its website, saying that its database at a third-party vendor was breached on May 29, 2025. "On May 30, 2025, one of Farmers' third-party vendors alerted Farmers to suspicious activity involving an unauthorized actor accessing one of the vendor's databases containing Farmers customer information (the "Incident")," reads the [2]data breach notification (PDF) on its website. "The third-party vendor had monitoring tools in place, which allowed the vendor to quickly detect the activity and take appropriate containment measures, including blocking the unauthorized actor. After learning of the activity, Farmers immediately launched a comprehensive investigation to determine the nature and scope of the Incident and notified appropriate law enforcement authorities."

> The company says that its investigation determined that customers' names, addresses, dates of birth, driver's license numbers, and/or last four digits of Social Security numbers were stolen during the breach. Farmers began sending data breach notifications to impacted individuals on August 22, with a sample notification [1, 2] shared with the Maine Attorney General's Office, stating that a combined total of 1,111,386 customers were impacted. While Farmers did not disclose the name of the third-party vendor, BleepingComputer has learned that the data was stolen in the widespread Salesforce data theft attacks that have impacted numerous organizations this year.

Further reading: [3]Google Suffers Data Breach in Ongoing Salesforce Data Theft Attacks



[1] https://www.bleepingcomputer.com/news/security/farmers-insurance-data-breach-impacts-11m-people-after-salesforce-attack/

[2] https://www.farmers.com/content/dam/farmers/marketing/digital/aem/pdfs/disclosures/notice-of-incident.pdf

[3] https://tech.slashdot.org/story/25/08/06/1556252/google-suffers-data-breach-in-ongoing-salesforce-data-theft-attacks



It isn't a harvest (Score:2)

by skogs ( 628589 )

It isn't a harvest that you have to wait for farmers. Other organizations have acted a little quicker.

Curious why they took longer.

Sure, Google was faster to report. But companies like the Middle Eastern branch of Coca-Cola and Chanel don't exactly strike me as quick business or cyber response teams.

Must be some of that AI vibe code (Score:2)

by Tony Isaac ( 1301187 )

SalesForce is pushing their AI really hard. And they have a software development environment that only a SalesForce salesperson could love. Take your pick, either way of automating SalesForce is not going to be done using a quality SDLC process, and will almost certainly not have a proper QA or security certification process. It's a wonder it took this long for somebody to use SalesForce as an attack vector.

Oh yes, I see there's a link regarding Google dealing with the same thing. Not surprised.
