The US Insurance Giant Kisan Insurance has revealed the data breech affecting 1.1 million customers, in which the Blapping computer is to learn that the data was stolen in the broader salesforce attacks.
Farmers Insurance is a US-based insurer who offers auto, home, life and business insurance products. It operates through a network of agents and subsidiaries, which serves over 10 million houses across the country.
The company revealed the data violation in an advisor on its website, saying that on May 29, 2025, its database was violated in a third party seller.
“On May 30, 2025, one of the third-party vendors of the farmers warned the farmers for suspicious activity, including an unauthorized actor, which included an unauthorized actor who reached one of the database of the seller of the customer’s customer (” incident “),” Data breech notification On your website.
“The third-party vendor had monitoring tools, which allowed the seller to take proper control measures, including quick detection of activity and blocking the unauthorized actor. After learning the activity, the farmers immediately initiated a comprehensive investigation to determine the nature and scope of the incident and noted the appropriate law enforcement officers.”
The company says its investigation determined that the final four digits of customers’ names, addresses, date of birth, driver’s license number, and/or social security numbers were stolen during the breech.
On August 22, the farmers started sending data violation information to the affected persons along with a sample notification (1, 2) Sharing with the office of the Main Attorney General said that a total of 1,1111,386 customers were affected.
While the farmers did not disclose the name of the third-party vendor, the BlappingComper has learned that the data was stolen into the wider salesforce data theft attacks, which have affected many organizations this year.
Bleepingcomputer contacted the farmers with additional questions about Brech and will update the story if we get a response.
Salesforce data theft attack
Since the beginning of the year, danger actors have been classified as ‘UNC6040’ or ‘UnC6240’, which are carrying out social engineering attacks on salesforce customers.
During these attacks, the danger actors conduct voice phishing to cheat employees to connect a malicious Oauth app with their company’s salesforce instance.
Once the link was linked, the danger actors used connections to download and steal the database, which was then used to remove the company via email.
The demand for forced recovery comes from the Shinyhunters Cybercrime Group, who told Bleepingcomputer that the attacks include several overlapping threat groups, with each group, with each group handling salesforce institutes and handling specific tasks to steal data.
“As we have already said repeatedly, shiny and scattered spiders are one and the same,” Shinhetors told BlappingCopper.
“They provide us an initial access and we conduct dump and exfIs of salesforce CRM examples. Like we did with Snowflake.”
Other companies affected in these attacks include Google, Cisco, Faculty, Adidas, Qantas, Allianz Life, and LVMH subsidy Louis Vuitton, Dior, and. Tiffany & Co.
The passwords broke in 46% of the atmosphere, almost doubled by 25% last year.
Picus Blue Report 2025 Now get a wider look at more conclusions on prevention, detection and data exfIs.
