Nearly 7 Million Driver’s License Numbers Were Exposed in Another Data Breach

Atlanta insurer AssuranceAmerica took three months to notify nearly 7 million people after a March phishing attack stole SSNs and license numbers across 14 states

Nikshep Myle Avatar
Nikshep Myle Avatar

By

Image: Gadget Review

Key Takeaways

Key Takeaways

  • Compromised login credentials exposed driver’s licenses and SSNs of 6.99 million people.
  • AssuranceAmerica waited three months after detection before notifying nearly seven million affected consumers.
  • Freeze credit immediately, as stolen driver’s license numbers enable loans, tax fraud, and impersonation.

You can change a password in thirty seconds. You cannot change your driver’s license number. That distinction matters right now, because an attacker walked off with identity data belonging to an estimated 6.99 million people — courtesy of Atlanta-based auto insurer AssuranceAmerica.

The breach began March 16, 2026, hitting a company most people have never heard of but that works with roughly 9,500 agents across 14 states. Stolen files reportedly contain names, addresses, driver’s license numbers, Social Security numbers, tax IDs, insurance policy details, and claims histories, according to state attorney general filings. South Carolina alone accounts for 611,046 affected residents.

That combination of data is an identity thief’s meal kit. Driver’s license numbers unlock car rentals, loan applications, banking verifications, and government services. Pair them with Social Security numbers and you’ve handed someone the tools to open accounts, file fraudulent tax returns, or impersonate you at a level that credit monitoring barely catches.

Edelson Lechtzin LLP warned that the exposed data “can be used to commit identity theft or other financial crimes,” according to the firm’s public investigation announcement.

How a Single Click Became a Three-Month Silence

The company detected suspicious activity within a day but took three months to begin notifying affected consumers — a gap that consumer advocates and plaintiffs’ attorneys say raises serious questions about disclosure timelines.

Someone targeted an AssuranceAmerica employee and used compromised login credentials to access internal systems and copy data files — a pattern consistent with credential-based attack techniques described in the company’s breach notice. AssuranceAmerica says it detected suspicious activity on March 17, disabled affected servers, and hired forensic investigators. So far, reasonable.

Then came the gap. The data review wrapped June 15. Notifications started rolling out in late June — roughly three months after the attack began, while nearly seven million people had no idea their identity documents were in someone else’s hands. AssuranceAmerica mentions “enhanced monitoring” and “additional cybersecurity instruction” for staff but has not confirmed whether all affected individuals will receive free credit monitoring.

South Carolina’s Department of Consumer Affairs has stated that “more than 600,000 South Carolina residents could be impacted.”

Your Driver’s License Number Was Never Designed to Be a Secret

From Texas state agencies to hotel check-in kiosks, identity document breaches keep stacking up — right as governments demand more ID uploads online.

This isn’t isolated. In June 2026 alone, Texas disclosed that hackers stole data on 3 million driver’s licenses and passport numbers from its parks and wildlife division. Hotel platforms, money-transfer apps, prison payphone providers — the highlight reel of organizations leaking government IDs keeps growing, and nobody asked to be on it.

The timing carries a sharp irony: age-verification laws are actively pushing more websites to collect the exact documents that keep getting raided. If you’re among those affected, consider taking these steps:

  • Contact your state’s consumer protection agency for guidance
  • Place a credit freeze with the major bureaus
  • Monitor financial accounts closely for suspicious activity

Share this

At Gadget Review, our guides, reviews, and news are driven by thorough human expertise and use our Trust Rating system and the True Score. AI assists in refining our editorial process, ensuring that every article is engaging, clear and succinct. See how we write our content here →