SecurityWeek

Insurance Firm Lemonade Says API Glitch Exposed Some Driver’s License Numbers

Lemonade says the incident is not material and that its operations were not compromised, nor was its customer data targeted.

Insurance firm Lemonade is notifying roughly 190,000 individuals that their driver’s license numbers were likely exposed due to a technical glitch.

Copies of the notification letter that were submitted to regulators in several states show that the incident involved an online application that enables individuals to obtain car insurance quotes and purchase policies.

According to the company, a vulnerability in the car insurance quote flow resulted in the exposure of certain driver’s license numbers for identifiable individuals. The vulnerability has been addressed, Lemonade says.

Between April 2023 and September 2024, the platform transmitted the information unencrypted, which the company says allowed driver’s license numbers to be accessed without authorization.

“We have no evidence to suggest that your driver’s license number has been misused but we are providing this notice as a precaution to inform potentially affected individuals and share some steps you can take to help protect yourself,” the company’s notification letter reads.

The insurer is providing the impacted individuals with 12 months of free credit monitoring and identity protection services.

Lemonade has notified the Securities and Exchange Commission that approximately 190,000 people were impacted by the mishap.

“Based on the company’s current knowledge of the facts and circumstances related to the incident, the company’s operations were not compromised, nor was Lemonade customer data targeted, and the company has determined that the incident is not material,” Lemonade told the SEC.

Founded in 2015, Lemonade describes itself as “a full-stack insurance carrier” that provides renters, homeowners, car, pet, and life insurance products in the US and Europe. The insurer is best known for relying on AI to activate policies and process claims.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
