Farmers Insurance, one of the largest auto and home insurance companies in the United States, has disclosed that a cyberattack on a third-party vendor exposed the personal information of 1,071,172 customers. The company was notified on May 30, 2026, that hackers had gained access to a Salesforce database the vendor maintained on Farmers’ behalf, stealing names, dates of birth, driver’s license numbers, and the last four digits of customers’ Social Security numbers.
Farmers says the vendor’s monitoring tools detected and contained the attack. But even partial Social Security numbers combined with driver’s license numbers and birthdates can be enough for identity thieves to open fraudulent accounts, apply for loans, or file fake tax returns in your name. Medical identity fraud is also a risk when personal identifiers are combined with other stolen records. Affected customers will receive official notification letters and are being offered two years of free identity theft protection services.
How to check if you’re affected
Affected products include Farmers Insurance auto and homeowner policies managed through the company’s Salesforce customer database. If you are a current or former Farmers customer, watch for an official notification letter from the company. In the meantime, consider placing a free credit freeze at all three major credit bureaus — Equifax, Experian, and TransUnion — which is the most effective way to stop thieves from opening new accounts using stolen driver’s license and Social Security data.