AssuranceAmerica confirmed in July 2026 that hackers stole personal information on 6.9 million people, including names, contact details, and driver's license numbers — making it the largest single-company driver's license exposure of the year. If you receive a breach notice, freeze your credit, request a new driver's license, and get your data off broker sites before criminals combine it with what's already public.
What Happened
AssuranceAmerica, a US non-standard auto insurance provider, disclosed the breach in a July 2026 filing after wrapping its forensic investigation on June 15, 2026. According to the company:
- Intruders were detected inside AssuranceAmerica's network on March 17, 2026.
- The attackers targeted an employee's credentials and used them to move through internal systems.
- Compromised accounts were disabled and access was cut off.
- The investigation concluded the attackers exfiltrated customer files containing names, contact information, and driver's license numbers.
- Approximately 6.9 million individuals are affected — the largest known driver's license exposure of 2026 to date.
Why Driver's License Numbers Matter
A driver's license number is a lifetime identifier tied to your identity. Combined with your name, address, and date of birth (all commonly available from data broker sites), it enables fraudulent license replacement, tax fraud, account takeovers using knowledge-based verification, and synthetic identity creation. Unlike a credit card, you cannot just cancel a driver's license number and get a new one instantly.
Are You Affected?
You are likely in the breach if you have ever purchased auto insurance from AssuranceAmerica, including through one of the many independent agents and MGA channels the company works with. The company is required to notify affected individuals by mail under state breach notification laws. Watch for:
- A physical letter from AssuranceAmerica describing the incident
- An offer of complimentary credit monitoring or identity theft protection (typically 12-24 months)
- Instructions on how to enroll in the monitoring service
If you moved recently, confirm your address is current with any past insurers so notifications reach you.
Step 1: Freeze Your Credit Immediately
A credit freeze is free, does not affect your credit score, and prevents criminals from opening new accounts in your name. Freeze all three bureaus:
- Equifax: equifax.com/personal/credit-report-services/credit-freeze
- Experian: experian.com/freeze
- TransUnion: transunion.com/credit-freeze
Freezes take effect within minutes online. You can lift them temporarily when you legitimately need to apply for credit.
Step 2: Request a New Driver's License Number
Because driver's license numbers were exposed, contact your state DMV and ask about issuing a new number. Most states will issue a replacement license with a new number when you can demonstrate identity theft risk — bring a copy of the AssuranceAmerica breach notification letter as evidence. Not every state offers this, but it is worth asking, especially if you see any suspicious activity later.
Step 3: Enroll in the Offered Monitoring — But Don't Stop There
AssuranceAmerica is offering complimentary credit and identity monitoring to affected individuals. Take it — it is free and useful. But understand its limits: credit monitoring only alerts you after a fraudulent account appears on your credit file. It does not stop the fraud, it does not remove your data from the sites criminals used to identify you, and it typically expires after 12-24 months while your driver's license number is exposed forever.
Is your data already out there?
Leaked data ends up on broker sites and in scammers' hands. Run a free 60-second scan to see your exposure — then let us remove it.
Run a free scan★★★★★ 4.8/5 · Trusted by thousands of families
Step 4: Set Up an IRS Identity Protection PIN
Tax refund fraud is one of the most common downstream harms from driver's-license breaches. Get an IRS Identity Protection PIN (IP PIN) at irs.gov/ippin. This six-digit PIN is required to file your taxes and blocks scammers from filing a fraudulent return in your name.
Step 5: Remove Yourself From Data Broker Sites
Here is what most breach guides miss: stolen driver's license numbers are only dangerous when combined with your name, address, date of birth, and phone number — and every one of those data points is currently sold on 100+ data broker sites for a few dollars. Criminals routinely pair breach data with broker data to bypass identity-verification checks at banks, government portals, and lenders.
PrivacyOn automates removal of your personal information from 100+ data broker and people-search sites, including Spokeo, BeenVerified, Whitepages, Radaris, MyLife, and dozens more. When brokers re-list your data (they do, every 3-6 months), our system automatically resubmits removal requests. Combined with credit freezes and an IRS IP PIN, this closes the loop the breach opened.
Why Breach Notification Alone Isn't Enough
The credit monitoring AssuranceAmerica is offering expires after 12-24 months. Your driver's license number does not. Long after the breach headlines fade, your data will still be in criminal hands — and still be attackable using publicly available broker data. PrivacyOn's continuous data broker removal + dark web monitoring closes the attack surface that credit monitoring alone leaves wide open. Plans start at $8.33/month with family coverage for 5 people.
Step 6: Watch for AssuranceAmerica Phishing
Every major breach triggers a wave of phishing emails and text messages impersonating the breached company. Expect scams claiming to be from AssuranceAmerica, its identity monitoring partner, or the DMV. Rules to follow:
- Never click a link in an unsolicited breach-related email. Type the URL from the printed notification letter instead.
- Never give your driver's license number, Social Security number, or bank details to an inbound caller — even if they claim to be from AssuranceAmerica.
- Verify by calling the number printed in the mailed notification, not a number sent to you by email or text.
Step 7: Monitor for Downstream Fraud
Set up alerts and keep an eye on:
- Auto insurance quotes and policies opened in your name (unusual for driver's-license breaches)
- State DMV notices about replacement licenses or address changes you didn't request
- Tax filings — file early to reduce the fraud window
- Bank and credit card statements for micro-transactions used to test stolen data
- Utility and mobile phone accounts opened in your name — port-out scams often start here
The Long Game: Reduce Your Exposed Data Footprint
Breaches like AssuranceAmerica are inevitable — companies you can't control get compromised, and your data leaks. The one variable you can control is how much of your personal information is already publicly indexed and paired with the leaked data. Every additional data point criminals can find about you online lowers the effort required to weaponize a breach against you.
PrivacyOn removes your name, address, phone number, relatives, and other identifiers from 100+ data broker sites, monitors the dark web for exposed credentials, and continuously re-removes when brokers republish. Combined with credit freezes and an IRS IP PIN, it reduces your total attack surface — before the next breach. Start with a free scan to see how many brokers currently expose your data.
Frequently Asked Questions
How many people were affected by the AssuranceAmerica breach?
Approximately 6.9 million individuals. This makes it the largest single-company driver's license exposure disclosed in the US in 2026 so far.
What data was stolen in the AssuranceAmerica breach?
Names, contact information, and driver's license numbers. AssuranceAmerica's disclosure did not confirm Social Security numbers were included in the exfiltrated files, but affected individuals should behave as if all identity information could be compromised.
Do I need to freeze my credit after the AssuranceAmerica breach?
Yes. A credit freeze is free, does not affect your credit score, and is the single most effective action to prevent new-account fraud after any breach involving identity information. Freeze all three bureaus (Equifax, Experian, TransUnion) online in about 10 minutes.
Can I get a new driver's license number?
Most state DMVs will issue a new license number when you can demonstrate identity theft risk. Bring a copy of the AssuranceAmerica breach notice. Not all states offer this — call your DMV directly to ask.
Is the free credit monitoring AssuranceAmerica is offering enough?
No. The free monitoring is useful but limited: it only alerts you after fraud appears on your credit file, and it typically expires after 12-24 months. Your driver's license number does not expire. Pair it with a credit freeze, an IRS IP PIN, and continuous data broker removal (like PrivacyOn) for real long-term protection.
How can PrivacyOn help after a data breach?
Stolen data is most dangerous when paired with the personal information data brokers publish about you. PrivacyOn removes your name, address, phone, and relatives from 100+ broker sites, monitors the dark web for exposed credentials, and continuously re-removes when brokers republish — shrinking the attack surface criminals need to weaponize breach data. Plans start at $8.33/month with family coverage for 5.