Home / Business and Economy / Farmers Insurance Breach Exposes Data of Over 1.1 Million Customers in Salesforce Attacks
Farmers Insurance Breach Exposes Data of Over 1.1 Million Customers in Salesforce Attacks
30 Aug
Summary
- Farmers Insurance confirms data breach affecting over 1.1 million customers
- Breach linked to ongoing Salesforce-related cyberattacks hitting major companies
- Stolen data includes customer names, addresses, birthdates, and driver's license numbers
On May 29, 2025, Farmers Insurance, a major U.S. insurer, discovered that one of its third-party vendors had been the victim of an unauthorized data breach. The incident is part of a larger cybercrime campaign targeting Salesforce customer relationship management (CRM) databases across various industries.
According to Farmers' investigation, the stolen data included customer names, addresses, dates of birth, and driver's license numbers. In some cases, the last four digits of Social Security numbers were also exposed. Farmers began notifying the 1,111,386 affected individuals on August 22, 2025.
The Salesforce attacks have been ongoing since early 2025, with threat actors using tactics like voice phishing (vishing) to gain access to companies' Salesforce instances. Once connected, the attackers siphon customer data and use it in extortion attempts. The cybercrime group ShinyHunters has claimed responsibility for the attacks, which they say involve overlapping threat groups, including members of the notorious Scattered Spider gang.
The Farmers breach is the latest in a growing list of high-profile companies affected by the Salesforce campaign, including Google, Cisco, Workday, Adidas, Qantas, Allianz Life, and luxury brands under LVMH such as Louis Vuitton, Dior, and Tiffany & Co.
