Farmers Insurance customers should be taking steps to lock down their personal data after the company disclosed that over a million people were hit in a data breach earlier this year. Bleeping Computer reports that an advisory on the Farmers Insurance website states that on May 30th, a third-party vendor alerted them to suspicious activity including unauthorized access involving one of the vendor's databases.
The breach, which occurred the previous day, exposed customer information including names, addresses, birthdates, driver’s license numbers, and/or the last four digits of Social Security numbers. The third-party vendor had monitoring tools in place that quickly detected the unauthorized activity and were able to take quick containment measures to block unauthorized access. Farmers, after learning about the incident, immediately launched an investigation to determine the nature and scope of the breach and it also notified law enforcement.
Farmers began sending out data breach notification letters to impacted individuals starting on August 22nd, and shared those notifications with the Maine Attorney Generals Office, stating that a combined total of 1,111,386 customers are affected.
While the company did not share the name of the third-party vendor involved, Bleeping Computer disclosed that its research determined that the data was likely part of the widespread Salesforce data theft attacks that also struck multiple other companies this year. Google, Cisco, Workday, Allianz Life and more have been victims to these attacks which use vishing to conduct social engineering style attacks against employees before linking a malicious OAuth app with the company’s Salesforce instances. Once linked, the threat actors can use the connection to download and steal databases then extort the company.
How to stay safe
If you've been affected by this, or any other data breach, you should definitely invest in one of the best identity theft protection services. However, in order to get access to the identity theft insurance and extra support these services provide, you need to sign up before falling victim to a data breach. Many companies do provide free access to one of these services after a major breach though.
One of the best antivirus software suites will also help protect you and your devices from malware and online threats when you're online It's also important to stay vigilant against phishing and social engineering attacks, and to monitor your accounts for suspicious activity. The best way to stay safe against phishing is to avoid clicking on any links, QR codes or attachments in emails or messages from unknown senders.
In order to protect yourself against most common social engineering attacks, it’s always best to be wary anytime you're approached through social media or by contacts offering opportunities that seem to good to be true A quality antivirus software will provide different features to keep you safe online including one of the best VPNs with browser-level privacy protection.
Follow Tom's Guide on Google News to get our up-to-date news, how-tos, and reviews in your feeds. Make sure to click the Follow button.
More from Tom's Guide
- Dangerous Android banking trojan found lurking in malicious apps with 19 million installs — don’t fall for this
- Macs under attack from dangerous new info-stealing malware — how to stay safe
- Two-factor authentication provides an easy way to secure your accounts — here's how it works and how to enable it
