AssuranceAmerica Data Breach Investigation

Chimicles Schwartz Kriner & Donaldson-Smith is investigating potential class action claims against AssuranceAmerica Managing General Agency, LLC (“AssuranceAmerica”) on behalf of policyholders, claimants, and other individuals whose personal information may have been compromised in a recently disclosed data security incident affecting the Atlanta-based non-standard auto insurance organization.

What Happened?

On March 17, 2026, AssuranceAmerica reportedly detected suspicious activity on part of its information technology systems that the company has attributed to a targeted cyberattack on one of its employees the prior day, March 16, 2026. AssuranceAmerica states that it immediately initiated an investigation, engaged outside computer forensic specialists, and determined that an unauthorized third party had accessed the company’s IT systems and copied a number of data files. The company reports that it took the affected server devices offline, reset passwords, deployed enhanced monitoring and threat detection software, provided additional cybersecurity instruction to personnel, and notified law enforcement.

Because of the nature of the files involved and the scope of the review required, AssuranceAmerica states that the file evaluation process was only recently completed. The company began issuing individual notice letters to affected persons on or around June 15, 2026, and reported the incident to the California and Nebraska Attorneys General on June 17, 2026, and to the South Carolina Department of Consumer Affairs on June 18, 2026. Public filings reflect that at least 611,046 South Carolina residents alone were affected, suggesting a substantially larger nationwide impact across AssuranceAmerica’s operating footprint.

Who May Be Affected?

AssuranceAmerica acts as a wholesale intermediary and operational hub for its parent organization, AssuranceAmerica, specializing in non-standard auto insurance for higher-risk drivers, as well as renters and commercial auto products. Coverage is reportedly offered in the following 14 states, any of whose policyholders, claimants, or applicants may potentially be impacted:
  • Alabama
  • Arizona
  • Florida
  • Georgia
  • Indiana
  • Nebraska
  • Ohio
  • Oklahoma
  • Pennsylvania
  • South Carolina
  • Tennessee
  • Texas
  • Virginia
What Information May Have Been Compromised?
According to AssuranceAmerica’s notice letter, the affected files may have contained an individual’s name together with one or more of the following categories of personal information:
  • Contact information (address, telephone number, email)
  • Automobile insurance policy or insurance account information
  • Driver or vehicle information
  • Claims-related information
  • Driver’s license number
  • Tax identification information
  • Social Security number
Why Is This Important?
The reported combination of Social Security numbers, driver’s license numbers, tax identification information, and insurance and claims data is precisely the bundle of identifiers most commonly exploited for identity theft, synthetic identity fraud, fraudulent loan and credit applications, tax-refund fraud, and targeted phishing or insurance-fraud schemes. The approximately three-month delay between AssuranceAmerica’s detection of the incident in mid-March 2026 and the issuance of individual notices beginning in mid-June 2026 may have left affected individuals without an opportunity to take timely protective steps.
What Should You Do?
If you held an automobile insurance policy with, submitted a claim to, applied for coverage from, or were previously or currently employed by AssuranceAmerica  or any of its affiliated insurers, you may have been affected by this breach.  Please contact our data breach attorneys by completing the form below to learn more about your potential legal rights and our ongoing investigation.

AssuranceAmerica Data Breach (#931)

(*) Indicates required field: When communicating with us through this site or otherwise in connection with a matter for which we do not already represent you, your communication may not be treated as privileged or confidential, and does not create an attorney-client relationship between you and our Firm.