Overview
- AssuranceAmerica detected suspicious activity on March 17 and completed a forensic review on June 15 that found attackers copied data files from its systems.
- The company says the stolen records include names, contact information, auto-policy and claims details, driver and vehicle data, and about 6.9 million driver’s license numbers.
- AssuranceAmerica has disabled compromised credentials and affected devices, reset passwords, notified law enforcement, and plans to mail breach notices starting July 10 as required by state rules.
- Key questions remain about who carried out the intrusion, the exact method used to steal employee credentials, and whether Social Security numbers were exposed, and a law firm is weighing a class-action suit.
- The breach follows several 2026 incidents that leaked government-issued IDs, raising the risk of identity theft and account takeover and increasing calls for tighter vendor and ID-verification safeguards.