6.99 Million Americans Just Had Their Driver’s License Number Exposed. Here’s What To Do if You’re Affected

The breach exposed driver's license numbers, insurance records, vehicle details, and contact information, increasing the risk of identity theft, fraud, and phishing attacks.
We receive compensation from the products and services mentioned in this story, but the opinions are the author's own. Compensation may impact where offers appear. We have not included all available products or offers. Learn more about how we make money and our editorial policies.

AssuranceAmerica, one of the leading insurance providers in many U.S. states, suffered a data breach that compromised the personal information of 6,998,886 customers, making it the largest cybersecurity lapse involving Americans' driver's license numbers in 2026.[1]

If you're an AssuranceAmerica client or were one previously, your personally identifiable information, such as your name, contact details, and driver’s license number, may now be at risk.

Even worse, the company isn't providing free identity monitoring to help you weather the storm. Imagine a cybercriminal opening a new line of credit in your name or even impersonating you entirely, all without you realizing it until it's too late.

Here's what was taken, how the insurance company responded, and the steps you can take right now to secure your identity.

In this article
What we know about the attack
A growing pattern of driver data abuse
What can you do now?
Bottom line

What we know about the attack

According to the letter sent to AssuranceAmerica customers, the company first detected suspicious activity on March 17, 2026, after which an investigation was launched in collaboration with external computer forensic specialists.

According to TechCrunch, who first reported the data breach, the company has not shared details on how attackers breached its systems, but said the suspicious activity involved an attack targeting one of the company's employees.

The following customer data has been confirmed to have been leaked during the data breach:

  • Name
  • Contact information
  • Vehicle insurance policy or insurance account information
  • Driver or vehicle information
  • Driver's license number
  • Claims-related information

Following the data breach, the company quickly disabled compromised credentials, terminated all unauthorized sessions, isolated the affected systems, and notified law enforcement agencies.

"The company has taken, and continues to take, steps to prevent similar incidents from happening in the future," AssuranceAmerica said in its letter. This includes enhancing its security and IT systems and deploying additional threat detection and enhanced monitoring tools.

A growing pattern of driver data abuse

This is the second incident involving driver's license number breaches in the last month.

The Texas Parks and Wildlife Department notified customers of a breach in late June that exposed personal information, including driver's license numbers, passport numbers, phone numbers, residential addresses, and email addresses, belonging to more than 3 million Texas hunting and fishing license holders.

Additionally, the Japanese subsidiary of Aflac — another American insurance provider — suffered a data breach last month in which details such as names, addresses, telephone numbers, policy numbers, coverage details, and premium payment account information pertaining to 4.38 million customers were compromised.

As it turns out, driving in the U.S. is becoming increasingly risky from a digital privacy standpoint. Since last year, Flock Safety has rapidly expanded its AI-powered automatic license plate reader (ALPR) network across the country, creating a dystopian surveillance state.

In the wrong hands, sensitive information such as your driver's license number, email address, and phone number could be used for identity theft, financial fraud, or highly convincing phishing attacks that trick you into revealing even more sensitive information, such as your banking credentials.

What can you do now?

Unfortunately, AssuranceAmerica is not offering free credit monitoring following this incident. Here are a list of steps you can take instead.

  1. Use an identity theft protection service to help stay on top of any signs that your personal information has been exposed or misused, such as your data appearing on the dark web.
  2. Watch out for fake emails or texts appearing to come from AssuranceAmerica and prompting you to click a link or verify your account.
  3. Place a credit freeze by contacting all three credit bureaus: Equifax, Experian, and TransUnion. It will block malicious actors from opening new lines of credit in your name or take over existing credit accounts.
  4. If you do not want to freeze your credit, you can also place a fraud alert, which requires lenders to verify your identity before opening a new line of credit in your name. This service is completely free, and the alert lasts for one year.
  5. Track insurance policy changes. Since the compromised information relates to your insurance policy, look for insurance claims you did not file or policy changes you did not request. You can contact AssuranceAmerica directly if you notice any unexpected changes.
  6. Keep an eye on your bank and credit card statements. Look for any suspicious transactions you did not make, and keep reviewing your credit reports, bank accounts, and other financial statements over the next few months.

Bottom line

AssuranceAmerica's data breach has exposed the personal information of nearly 7 million customers, leaving them at risk of having sensitive details such as their driver's license number, contact information, and insurance records exploited for identity theft, financial fraud, or highly targeted phishing attacks.

Unlike a compromised credit card, a leaked driver's license number can't simply be replaced or blocked. That means affected customers will need to stay vigilant by maintaining good cyber hygiene — avoiding suspicious emails and texts, regularly monitoring their financial accounts, and making use of safeguards such as credit freezes, fraud alerts, and identity theft protection services.

4.8
Editorial Rating
Get Deal
On LifeLock's website
2026 Editors’ Choice
Best ID Theft Service for Comprehensive Monitoring
Identity Protection
LifeLock
  • ID theft protection with U.S.-based restoration specialists and data removal services included on every plan
  • ID theft insurance on all plans, with the Total plan covering up to $3M
  • Dark web, home title, and social media monitoring available, with coverage expanding by plan tier

Author Details
Krishi Chowdhary specializes in digital privacy, cybersecurity, and consumer technology. He has written extensively on online privacy tools and broader cybersecurity topics, including online scams, data breaches, age verification, and emerging digital threats. Krishi believes technology reporting should empower readers, not confuse them, and is committed to making even the most technical subjects easy to understand without compromising on accuracy or depth. His work has appeared in leading technology publications, including CNET, ExpressVPN, and TechRadar, where he has covered topics ranging from cybersecurity incidents and privacy product announcements to artificial intelligence and major technology news

Citations

[1] AssuranceAmerica data breach notice