The US insurance company, Farmers Insurance, disclosed a data breach of its database at a third-party vendor, impacting 1.1 million customers. On May 29, an unauthorized threat actor accessed the vendor’s database and acquired specific data. The vendor’s monitoring tools detected and appropriately contained the suspicious activity, including blocking the threat actor. On May 30, the vendor reported the suspicious activity to Farmers Insurance, which immediately launched a comprehensive investigation. The investigation revealed that certain personal information related to a select population of Farmers Insurance customers was accessed and acquired, including name, address, date of birth, driver’s license number, and the last four digits of the Social Security number. Farmers Insurance started sending notifications to affected individuals on or around August 22. The NJCCIC recommends that affected individuals review the Compromised PII and Identity Theft NJCCIC Informational Report.