AssuranceAmerica disclosed a data breach affecting 6.99 million people, exposing names, contact details, driver’s license numbers, and other insurance-related information tied to auto insurance policies, accounts, drivers, vehicles, and customer claims. The company said it discovered attackers in its systems on March 17 and completed its investigation on June 15, concluding that customer data had been stolen in what appears to be the largest known reported exposure of Americans’ driver’s license information this year.
The insurer said the intrusion involved a targeted employee account and that the compromised credentials were later disabled, but it did not disclose the exact intrusion method or whether extortion or ransom demands were involved. Filings with the Indiana and Maine attorney general offices corroborated the scale of the breach, and customer notification letters are expected to begin on July 10.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
8 events from the most recent confirmed update back to the earliest known activity.
AssuranceAmerica said notification letters to affected customers were expected to begin on 2026-07-10. The notices relate to the breach exposing personal information, including driver's license numbers.
After detecting the intrusion, AssuranceAmerica said it disabled compromised credentials, terminated unauthorized sessions, isolated affected systems, reset passwords, deployed enhanced monitoring and threat detection, provided additional cybersecurity training, and notified law enforcement. The exact date for these response actions was not specified in the reference.
In its breach response disclosures, AssuranceAmerica said it would not provide identity theft protection services to affected individuals, despite the exposure of personal data including driver's license numbers and, in some cases, Social Security numbers.
A TechRepublic report on AssuranceAmerica's breach said some affected customers are eligible for complimentary identity theft protection services. This adds a new response detail beyond earlier disclosures about customer notification and exposed data.
AssuranceAmerica's breach filings with the Indiana and Maine attorney general offices reported that 6.99 million people were affected. The filings established the scale of the incident as one of the largest exposures of U.S. driver's license data reported this year.
On 2026-06-15, AssuranceAmerica completed its investigation and determined that attackers had stolen customer data. The exposed information included names, contact details, driver's license numbers, and insurance-related data tied to policies, vehicles, and claims.
AssuranceAmerica said it discovered hackers in its systems on 2026-03-17. The intrusion was linked to a targeted employee account whose compromised credentials were later disabled.
AssuranceAmerica said malicious activity occurred on 2026-03-16, when attackers targeted an employee and an unauthorized third party copied data files from parts of the company's IT environment. This predates the company's discovery of the intrusion the following day.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
9 references tracked. Mallory keeps watching after this page renders.
scworld.com
Open sourcetechrepublic.com
Open sourcesecurityaffairs.com
Open sourcecybersecuritynews.com
Open sourcebleepingcomputer.com
Open sourcedarkwebinformer.com
Open sourcetechcrunch.com
Open sourcemalwarebytes.com
Open sources3.documentcloud.org
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.