Overview
- AssuranceAmerica detected suspicious activity on March 17, 2026 after attackers targeted an employee account the day before and later found an unauthorized party had copied company data files.
- A company review completed on June 15, 2026 determined the incident exposed 6,998,886 people’s records, according to state filings seen by multiple outlets.
- The stolen files include names, contact and insurance and claims information, driver and vehicle details, and driver’s license numbers, though the company has not fully disclosed whether Social Security numbers were taken.
- AssuranceAmerica has disabled the compromised credentials, isolated affected systems, reset passwords, deployed enhanced monitoring, engaged external forensic specialists, notified law enforcement, and planned customer notification letters beginning July 10.
- The breach raises a high risk of identity fraud for affected people, has prompted at least one law firm to open a class-action probe, and joins several 2026 incidents that exposed government-issued ID data, increasing regulator and consumer-protection attention.