Security Affairs
Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Crooks stole driver’s license numbers from Geico auto insurer

Car insurance provider Geico has suffered a data breach, attackers have stolen the driver’s licenses for policyholders for several weeks. Geico, the second-largest auto insurer in the U.S., has suffered a data breach, threat actors exploited a now-fixed bug in their website to steal the driver’s licenses for policyholders for several weeks. Geico provided coverage for […]

geico

Car insurance provider Geico has suffered a data breach, attackers have stolen the driver’s licenses for policyholders for several weeks.

Geico, the second-largest auto insurer in the U.S., has suffered a data breach, threat actors exploited a now-fixed bug in their website to steal the driver’s licenses for policyholders for several weeks.

Geico provided coverage for more than 24 million motor vehicles owned by more than 15 million policy holders as of 2017.

“We recently determined that between January 21, 2021 and March 1, 2021, fraudsters used information about you – which they acquired elsewhere – to obtain unauthorized access to your driver’s license number through the online sales system on our website. We have reason to believe that this information could be used to fraudulently apply for unemployment benefits in your name.” reads the data breach notification filed by Geico with the California Attorney General’s office.

geico

The auto insurer revealed that attackers used information obtained from other data breaches to obtain info on its policyholders, the company fears that crooks could use the driver’s license number to apply for unemployment benefits on behalf of the policy holder’s name.

Once discovered the security breach, Geico secured the website and launched an investigation into the incident to determine the root cause. The company also announced the implementation of additional security enhancements to help prevent future fraud and illegal activities on our website.

At the time of this writing, the company has yet to determine which drivers have been impacted for this reason it would like to offer its customers a one-year subscription to IdentityForce to help protect their identity from theft.

Geico is recommending customers remain vigilant about unsolicited emails from their state’s unemployment agency and report to the agency any suspicious activity.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Geico)

[adrotate banner=”5″]

[adrotate banner=”13″]