Computers stolen from a California agent of Farmers Insurance on March 16 contained sensitive policyholder data, but the policyholders were not notified of theft until the end of July.
According to a notification sent by Farmers Insurance to the Maryland Attorney General’s Office, data on the stolen computers for an unspecified number of policyholders included their names, addresses, telephone numbers, insurance policy numbers, drivers license numbers, and SSN.
In a letter dated July 26, Michael Abdou of Michael Abdou Insurance Agency in San Diego informed those affected of the theft and offered them free credit monitoring services.
There was no explanation from either the agent or Farmers Insurance as to why it took from March 16 to July 26 to notify affected policyholders. Nor was there any mention of why the data weren’t encrypted or otherwise adequately secured.