Farmers Insurance has confirmed a major data breach affecting 1.1 million customers after hackers compromised a third-party vendor's Salesforce database. The breach, part of a wider campaign by the ShinyHunters group, exposed personal information.
Direwolf has claimed responsibility for an alleged ransomware attack on Wine Works Australia, stating it stole 22GB of data including financial and customer records. The claims remain unverified with no response from Wine Works. CNC will provide updates as more details emerge.
DaVita dialysis provider confirms Interlock ransomware attack exposed personal and medical data of 2.7 million patients including Social Security numbers, health records, and financial information in sophisticated healthcare breach.
Farmers Insurance has confirmed a major data breach affecting 1.1 million customers after hackers compromised a third-party vendor's Salesforce database. The breach, part of a wider campaign by the ShinyHunters group, exposed personal information.
Cyber News Centre's cyber update for 27th August 2025: Farmers Insurance has confirmed a major data breach affecting 1.1 million customers after hackers compromised a third-party vendor's Salesforce database.
Farmers Insurance is a major American insurance group providing a wide range of coverage including auto, home, and small business insurance. The company serves over 10 million households with more than 19 million individual policies across 50 states.
The Update: Farmers Insurance has confirmed a significant data breach impacting 1.1 million of its customers. The incident stemmed from a security compromise at a third-party vendor, where unauthorized actors gained access to a database containing customer information. The breach, which occurred on May 29, 2025, was part of a broader campaign targeting companies using Salesforce services. The exposed data includes sensitive personal information such as names, addresses, dates of birth, driver's license numbers, and the last four digits of Social Security numbers.
Farmers began notifying affected customers on August 22, 2025, nearly three months after the initial breach. The attack has been linked to the notorious ShinyHunters cybercrime group, known for its large-scale data thefts and extortion activities. The incident highlights the persistent threat of supply chain attacks, where vulnerabilities in a vendor's security can have cascading consequences for their clients and customers.
Why it Matters: This breach underscores the significant risks associated with third-party vendor relationships and the concentration of risk in widely used platforms like Salesforce. For the 1.1 million affected Farmers Insurance customers, the exposure of personal data creates a substantial risk of identity theft, phishing scams, and other forms of fraud. The stolen information is a valuable commodity on the dark web, providing criminals with the necessary components to open fraudulent accounts, file false tax returns, or commit other identity-related crimes.
For the broader insurance industry, this incident serves as a stark reminder of the need for robust vendor risk management programs and comprehensive security assessments of all partners with access to sensitive data. The involvement of the ShinyHunters group also signals the continued threat of sophisticated and well-organized cybercrime syndicates targeting large enterprises for financial gain.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Direwolf has claimed responsibility for an alleged ransomware attack on Wine Works Australia, stating it stole 22GB of data including financial and customer records. The claims remain unverified with no response from Wine Works. CNC will provide updates as more details emerge.
DaVita dialysis provider confirms Interlock ransomware attack exposed personal and medical data of 2.7 million patients including Social Security numbers, health records, and financial information in sophisticated healthcare breach.
Qilin ransomware hit Nissan’s Creative Box studio, stealing 4TB of data including vehicle designs, financial records, and VR tech. The breach threatens Nissan’s IP and global operations.
US-based pharmaceutical research organisation Inotiv has confirmed a significant ransomware attack by the Qilin group, disrupting operations and leading to the encryption of critical systems. The attack has impacted business continuity, with the data breach still under investigation.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
