Farmers Insurance, data breach affecting 1 million customers

How the breach occurred
Initial findings suggest that the attack was part of a larger wave of intrusions targeting Salesforce. As one of the world’s leading CRM platforms, Salesforce consolidates vast amounts of customer information, making it a prime target for cybercriminals.

Investigators reported that the attackers combined social engineering techniques—particularly fraudulent phone calls known as vishing—with malicious OAuth applications to gain authorized access to legitimate accounts. Once inside, they extracted databases containing detailed customer records.

Unauthorized access is believed to have occurred in late May 2025. However, Farmers Insurance only disclosed the incident months later, a delay that has already triggered scrutiny regarding compliance with state laws requiring timely customer notification

AI Security Risks "On the Rise"

Generative AI doesn't just analyze data — it produces new things based on what it has learned. Often referred to as GenAI, is a subset of artificial intelligence that can create original content such as text, images, videos, audio, or software code in response to user prompts
AI-Enhanced Social Engineering, This is how attackers use AI to create highly effective and individualized social engineering attacks. GenAI systems can create realistic text, voice, or even video content to convince targets
Data Poisoning, In this attack, attackers input incorrect data in the dataset used to train the AI. This corrupted data can modify AI functionality and create false choices or predictions
Machine Learning (ML), is a subset of artificial intelligence (AI) that focuses on developing algorithms that enable computers to learn from and make decisions based on data
Deepfakes, are images, videos, or audio that have been edited or generated using artificial intelligence, AI-based tools or AV editing software