Insurance firm Lemonade says breach exposed driver’s license numbers

Posted on by Steven

Insurance firm Lemonade says breach exposed driver’s license numbers

A recent data breach at the insurance firm Lemonade exposed the driver’s license numbers of thousands of people over the course of 17 months. The New York-based company began sending breach notification letters in multiple states last week following the discovery of an incident in 2023 and 2024 involving its online application process.

Users typically enter their name and address into the Lemonade insurance policy application, and a third-party vendor automatically populates a person’s driver’s license number. A vulnerability within the online application platform for insurance policies resulted in the possible exposure of driver’s license numbers, which “may have been accessed without authorization,” the company stated. An investigation revealed this information was exposed from April 2023 to September 2024, with the company discovering the issue in March 2025.

Lemonade has reportedly taken steps to fix the vulnerability but has not responded to inquiries regarding how it did so or how many people were impacted. Victims are being provided with temporary identity protection services. Notably, at least 17,563 people in Texas and 1,950 in South Carolina were affected, although it remains unclear how many in other states are also impacted.

Lemonade, known for using AI and chatbots in its claims processing, reassured affected individuals that there is “no evidence to suggest” the driver’s license numbers were misused. However, hackers have historically targeted similar platforms for scams. This incident parallels a previous breach affecting Geico and Travelers, resulting in significant fines for exposing similar sensitive information.

Source: The Record

Key Points

  • Lemonade experienced a data breach exposing driver’s license numbers of thousands for 17 months.
  • The breach involved a vulnerability in their online application process, discovered in March 2025.
  • Victims are receiving temporary identity protection services; specifics on the total affected remain unclear.
  • At least 17,563 people in Texas and 1,950 in South Carolina are confirmed to be affected.
  • Lemonade reassured that there is no evidence of misuse of the exposed data, though similar breaches have led to significant fraud.

Why should I read this?

If you’re using Lemonade or considering it for insurance, this article is a must-read! It highlights a serious data breach that could impact you or someone you know. Plus, understanding the risks involved with online insurance applications in light of this incident can help you protect your personal information better. We’ve sifted through the details for you—so, stay informed and secure!

“`