Key facts
- AssuranceAmerica confirmed a data breach affecting 6.9 million individuals.
- Stolen data includes names, contact information, and driver's license numbers.
- Information on auto insurance policies and customer accounts was also compromised.
- The breach was discovered on March 17 and the investigation concluded on June 15.
- This is the largest known spill of driver's license information this year.
U.S. insurance provider AssuranceAmerica has confirmed a significant data breach that exposed the personal information and driver's license numbers of approximately 6.9 million individuals. This incident marks the largest known spill of American driver's license data this year.
The breach was discovered on March 17, and AssuranceAmerica concluded its investigation on June 15. The compromised data includes customers' names, contact information, and crucially, their driver's license numbers. Additionally, information related to customers' auto insurance policies, accounts, drivers, vehicles, and claims was also accessed by the hackers.
AssuranceAmerica stated that hackers targeted an employee, leading to the compromise of credentials. The specific method of credential theft remains unclear, though past incidents have involved password-stealing malware or compromised software. The company has not disclosed whether it had contact with the hackers or paid a ransom.
According to filings with the Indiana attorney general's office, AssuranceAmerica reported the breach affected 6.99 million people, with notification letters scheduled to be sent out on July 10. A similar notification was shared by the Maine attorney general's office. This incident follows a series of data breaches affecting driver's licenses and other identity documents in recent months, including a breach impacting over 3 million records in Texas.
