Nearly seven million people are being notified after a cyberattack on Atlanta-based auto insurer AssuranceAmerica exposed highly sensitive personal information, including driver's license numbers, Social Security numbers and insurance records, raising concerns about long-term identity theft risks.
According to the company's breach notice and filings submitted to state regulators, the incident began on March 16, 2026, when a threat actor gained unauthorized access to AssuranceAmerica's internal network using compromised employee credentials obtained through a phishing attack. The company detected suspicious activity the following day, secured the affected systems, and launched a forensic investigation to determine the scope of the compromise.
The investigation later revealed that the attackers had copied files containing personal information belonging to approximately 6.99 million individuals. The exposed data varies by person but may include names, residential addresses, driver's license numbers, Social Security numbers, taxpayer identification numbers, insurance policy and account details, claims information, as well as driver and vehicle records.
The scale of the breach makes it one of the larger disclosures involving government-issued identity documents this year. South Carolina alone reported that 611,046 residents may have been affected, according to the state's Department of Consumer Affairs.
Unlike passwords, driver's license numbers are not easily replaced after they are exposed. These identifiers are widely used to verify identity across banks, insurers, vehicle rental companies, government agencies and financial institutions. When combined with Social Security numbers and other personally identifiable information, they can enable criminals to apply for loans, open fraudulent accounts, submit false tax returns or impersonate victims during identity verification processes.
Law firm Edelson Lechtzin LLP, which announced an investigation into the incident, warned that the compromised information could be used to facilitate identity theft and other forms of financial fraud.
Although AssuranceAmerica identified the intrusion within roughly 24 hours, affected individuals were not notified until late June after investigators completed their review of the compromised data on June 15. The nearly three-month gap between the initial breach and customer notifications has drawn attention to the time required to determine exactly whose information had been accessed before notifications could be issued.
In its public notice, AssuranceAmerica said it disabled the compromised accounts, reset credentials, strengthened network monitoring and provided additional cybersecurity awareness training to employees. The company also engaged external forensic specialists to investigate the incident. However, it has not publicly confirmed whether all affected individuals will receive complimentary credit monitoring or identity protection services.
The AssuranceAmerica breach comes amid a growing number of incidents involving government-issued identity documents. In June, Texas disclosed a separate cyberattack affecting approximately three million driver's license and passport records maintained by the Texas Parks and Wildlife Department, adding to a broader trend of organizations reporting the theft of sensitive identification data.
The growing reliance on digital identity verification has also increased the amount of personal identification collected by businesses and online platforms. As governments and private organizations increasingly require users to upload driver's licenses and other official documents for account verification and age checks, cybersecurity experts warn that breaches involving these records can have lasting consequences because many of these identifiers cannot be easily changed once exposed.
Individuals who may have been affected are encouraged to closely review financial and insurance accounts for suspicious activity, consider placing a credit freeze or fraud alert with the major credit bureaus, monitor their credit reports for unauthorized accounts and remain cautious of phishing emails or phone calls that attempt to exploit information exposed during the breach. Victims should also follow guidance issued by their state consumer protection agencies and promptly report any suspected identity theft.
The Coca-Cola Company has revealed that a ransomware attack targeting its Fairlife dairy business has temporarily disrupted production across the United States after threat actors gained unauthorized access to company systems, including those supporting manufacturing operations.
The incident was disclosed in a Form 8-K filing with the U.S. Securities and Exchange Commission (SEC), a regulatory filing used by publicly traded companies to report significant corporate events. According to Coca-Cola, the cyberattack affected certain Fairlife systems, including production-related infrastructure, prompting the company to temporarily suspend manufacturing at its U.S. facilities while recovery efforts are underway.
Upon detecting the unauthorized activity, Coca-Cola said it immediately activated its incident response and business continuity protocols to contain the incident and minimize operational disruption. The company has engaged external cybersecurity advisors and experts to support its investigation and recovery efforts, while law enforcement has also been notified.
Although manufacturing operations have been interrupted, Coca-Cola emphasized that the ransomware attack has not affected the quality or safety of Fairlife products. The temporary production halt is part of the company's response as it works to restore impacted systems and verify operational readiness before resuming normal manufacturing activities. Fairlife's Canadian production facilities continue to operate normally and have not been affected by the incident.
The company said its investigation remains ongoing and that it is continuing to assess both the nature of the attack and its potential business impact. At this stage, Coca-Cola has not determined whether the incident is reasonably likely to have a material effect on the company's financial condition or overall operations.
Fairlife is one of Coca-Cola's dairy brands and manufactures a range of ultra-filtered milk products, protein shakes and nutrition beverages sold across the United States. Its product portfolio includes Ultra-Filtered Milk, Core Power Protein Shakes and Nutrition Plan.
Several aspects of the incident remain undisclosed. Coca-Cola has not confirmed whether attackers exfiltrated any data during the intrusion, whether the company has received an extortion demand or which ransomware operation may be responsible for the attack. As of publication, no known ransomware group has publicly claimed responsibility for the incident.
Ransomware attacks increasingly target organizations' operational environments in addition to traditional corporate networks, as disrupting production can exponentially multiply pressure on victims during recovery efforts. Many modern ransomware operations also employ double-extortion tactics by stealing sensitive information before encrypting systems and later threatening to publish the stolen data unless a ransom is paid. However, Coca-Cola has not indicated that any data theft occurred in this incident, and there is currently no public evidence confirming that attackers exfiltrated information from Fairlife's systems.
When asked whether data had been stolen, whether the company had received an extortion demand or which ransomware group may have been behind the attack, a Coca-Cola spokesperson declined to provide additional details beyond the company's public statement.
Coca-Cola continues to restore affected systems while its investigation remains ongoing, with U.S. Fairlife production expected to resume once recovery efforts are completed and manufacturing systems have been safely brought back online.
Dutch authorities have arrested multiple suspects as part of an international investigation into an alleged investment fraud network that investigators believe defrauded victims worldwide through fake online investment schemes, with the operation at one point generating more than €100 million in monthly proceeds.
According to the Dutch Police, the criminal organization is suspected of operating an extensive network of approximately 20 call centers staffed by more than 700 individuals who allegedly posed as professional financial advisers. Investigators said the operation targeted victims across multiple countries, with teams assigned to specific regions and responsibilities to maximize the effectiveness of the fraudulent campaigns.
The investigation's primary suspect, a 46-year-old dual Israeli-Polish national, was arrested in Poland on May 26 before being extradited to the Netherlands, where he has been placed in pre-trial detention. Dutch authorities allege that he played a central technical role in building and maintaining the infrastructure that enabled the organization to conduct its activities while making it more difficult for law enforcement agencies to identify those involved.
Police also noted that publicly available information indicates the suspect had previously faced prosecution in connection with cyberattacks targeting several foreign government organizations. Authorities now believe he occupied an indispensable position within the investment fraud network.
The investigation expanded further between July 7 and July 10, when law enforcement officers arrested several Dutch and Belgian nationals in Cyprus, Greece, and Belgium for their suspected involvement in the scheme. Officials said the investigation remains active and additional arrests are possible as authorities continue to identify other members of the organization.
Investigators describe the alleged operation as a highly organized criminal enterprise that functioned similarly to a legitimate international business. Multiple call centers reportedly operated under centralized coordination while individual teams focused on victims in different countries. Employees allegedly used false identities, pseudonyms, and technical measures designed to conceal both their real identities and their physical locations during communications with potential victims.
According to investigators, the fraud relied heavily on long-term social engineering rather than immediate financial deception. Victims were first approached by individuals presenting themselves as experienced investment advisers who gradually established trust through repeated conversations. Once that trust had been developed, victims were encouraged to invest relatively small amounts through professional-looking online investment platforms that appeared to display genuine market activity and growing returns.
Authorities said these platforms did not reflect legitimate investments. Instead, the displayed profits were fabricated to create the impression of successful trading and encourage victims to continue depositing larger sums. Many of the payments were made using cryptocurrency, making it incredibly more difficult to recover stolen funds after they had been transferred. While victims believed their portfolios were increasing in value, investigators said the money was instead diverted directly to the criminal organization.
Dutch investigators have linked at least 550 fraud reports and approximately €25 million in reported losses in the Netherlands to the organization. Belgian authorities have also connected around 200 complaints to the same network. Police believe these figures represent only a fraction of the total impact, estimating that the operation may have claimed tens of thousands of victims globally, with many individuals losing more than €10,000 each.
Authorities believe the organization has been active since at least 2021 and employed sophisticated operational security practices to avoid detection. Investigators said members routinely relied on pseudonyms, concealed calling locations, and other technical methods to obscure their identities while communicating with victims.
The investigation ultimately progressed after authorities traced digital evidence, including IP addresses, financial transaction routes, and other forensic artifacts that helped identify critical infrastructure associated with the operation. The examination of technical equipment provided investigators with additional insight into how the organization functioned and helped establish the locations of several suspects.
Dutch Police said the investigation was conducted in cooperation with international law enforcement partners, while commercial service providers also assisted in disrupting elements of the group's digital infrastructure. Authorities emphasized that efforts to identify additional suspects and victims remain ongoing.
Police have also warned the public to remain cautious of so-called recovery services that claim they can retrieve money lost to investment scams. Investigators noted that, in some cases, such offers are themselves fraudulent attempts to exploit victims a second time by demanding additional payments under the false promise of recovering stolen funds.
Researchers at Manifold Security have disclosed two security weaknesses in Anthropic's Claude for Chrome extension that could allow another browser extension with access to the Claude website to trigger predefined AI-powered actions involving a user's Gmail, Google Docs and Google Calendar.
According to the researchers, the issues remain present in version 1.0.80 of the extension despite earlier mitigations introduced after the disclosure of the "ClaudeBleed" vulnerability. While Anthropic restricted how external webpages can communicate with the extension, Manifold says the underlying trust boundary that determines whether a user intentionally initiated an action has not been fully addressed.
The findings do not indicate that arbitrary websites can directly read a user's email or documents. Instead, the attack requires another browser extension that already has permission to execute scripts on the claude.ai domain. If such an extension is malicious or becomes compromised, it could abuse Claude's existing capabilities to initiate AI tasks that access a user's connected Google services.
Forged clicks can initiate predefined Claude actions
Following the earlier ClaudeBleed disclosure, Anthropic replaced unrestricted prompt handling with a fixed allowlist of predefined onboarding tasks. Rather than allowing external callers to submit arbitrary prompts, the extension now recognizes only nine task identifiers embedded within its code.
Among these are demonstration workflows for third-party services such as DoorDash, Salesforce and Zillow, along with tasks that interact with Gmail, Google Docs and Google Calendar. This design significantly narrows the attack surface because outside scripts can no longer provide custom instructions for Claude to execute.
However, Manifold Security found that the mechanism responsible for launching these tasks can still be manipulated.
The researchers explain that a content script running within the extension monitors the Claude webpage for clicks on a specific onboarding element. When a click occurs, the script reads the associated task identifier and forwards it to the extension, which opens Claude's side panel with the corresponding workflow prepared.
The problem lies in how those clicks are validated. Instead of confirming that the event originated from an actual user interaction, the extension accepts any matching click event, including one generated programmatically by JavaScript.
Modern browsers provide an "event.isTrusted" property that distinguishes genuine user actions from synthetic events created by scripts. According to Manifold, the extension does not verify this property before processing the request.
As a result, another extension capable of interacting with the Claude webpage can dynamically create the required element, assign one of the approved task identifiers and dispatch an artificial click event. Because the extension treats the event as legitimate, Claude opens the selected workflow as though the user had manually initiated it.
The researchers demonstrated this behavior using a short proof-of-concept script executed within the Claude page, showing that synthetic click events marked as untrusted were still accepted by the extension.
Approval settings determine the level of risk
Whether the forged action progresses beyond this point depends largely on how the extension has been configured.
For users operating under Claude's default "Ask before acting" setting, the extension still presents an approval prompt before carrying out actions involving Gmail, Google Docs or Google Calendar. This additional confirmation prevents automatic execution, although users could still unknowingly approve an attacker-triggered request.
The risk increases considerably for users who have enabled the optional "Act without asking" mode. In this configuration, the extension can perform supported tasks without requesting further confirmation, allowing attacker-triggered workflows to execute automatically.
Manifold assigned a CVSS severity score of 7.7 under the default approval model and 9.6 when unattended execution is enabled.
The researchers say a straightforward mitigation would be to reject any click event that was not generated by a genuine user, preventing scripts from activating these workflows through synthetic browser events.
Researchers identify second permission-handling concern
Manifold also disclosed a separate issue involving how the extension initializes permission settings when its side panel loads.
According to the researchers, if the panel starts with a specific URL parameter indicating that permission checks should be skipped, the extension immediately enters a mode that bypasses user approval for supported actions.
Although users receive a warning indicating that Claude now has broader authority to perform actions on their behalf, the privileged session has already been established by the time the notification appears.
The researchers emphasize that this second issue is not directly exploitable under current conditions because the parameter can presently be generated only by the extension itself. Nevertheless, they argue that any future vulnerability allowing a lower-privileged component to influence this parameter could eliminate the remaining approval barrier and enable silent execution.
Potential attack paths discussed by the researchers include future message-handling flaws, panel initialization bugs or cross-site scripting vulnerabilities that could expose the parameter to untrusted input.
To reduce that risk, Manifold recommends that the extension ignore permission-related values supplied through URLs and instead always initialize new sessions in approval mode.
The researchers classify the forged-task technique as an example of indirect prompt injection within the OWASP Top 10 for Large Language Model Applications because an attacker manipulates the AI agent into executing one of its own predefined workflows rather than supplying new instructions directly.
They also associate the unattended execution scenario with excessive agency, referring to AI systems that are granted broad authority to perform sensitive actions with minimal user oversight.
According to the report, these behaviors occur regardless of whether users are running Claude Opus, Sonnet or Fable, indicating that the weaknesses originate in the browser extension rather than the underlying language models.
Issues remain unresolved months after disclosure
Manifold Security reported both vulnerabilities to Anthropic on May 21 while testing version 1.0.72 of the extension. Anthropic acknowledged the reports the following day.
The forged-click issue was closed on the basis that it fell within the scope of the previously reported ClaudeBleed investigation, which Anthropic indicated remained open while a more comprehensive solution was being developed.
The permission-handling report was classified as informational because the relevant parameter was intended for workflows that users had already configured for unattended execution.
Despite those responses, Manifold says it found the same vulnerable code paths unchanged after examining version 1.0.80 released on July 7.
As of July 14, the researchers noted that no CVE identifier had been assigned to either issue and Anthropic had not published a public advisory addressing the findings.
The latest research follows a series of security concerns involving AI-powered browser agents.
Earlier this year, researchers disclosed ClaudeBleed, a vulnerability that allowed websites to inject prompts into Claude for Chrome by exploiting how the extension trusted requests originating from the Claude website itself rather than verifying which script generated them.
LayerX, which originally disclosed ClaudeBleed, described the issue as a classic "confused deputy" problem, where software possessing legitimate privileges unknowingly performs actions on behalf of an untrusted requester.
Security researchers have also identified comparable trust-boundary weaknesses affecting other Anthropic products, including Claude Code, demonstrating broader challenges associated with AI agents that can directly interact with browsers, developer environments and online accounts.
The latest findings reinforce the importance of carefully validating user intent before granting AI assistants access to sensitive online services. As AI-powered browser agents become increasingly capable of interacting with email, documents and productivity platforms, researchers argue that ensuring those actions genuinely originate from users remains one of the most critical security controls.