Patron Insurance Data Breach Exposes 7GB of Sensitive Info

On May 23, 2025, Patron Insurance Services detected suspicious activity within its network. An investigation determined that an unauthorized actor gained access to files containing sensitive information.

According to the company’s official notice of data security incident, the breach compromised both personally identifiable information (PII) and protected health information (PHI). Exposed information included addresses, Social Security numbers, driver’s license numbers, federally issued ID numbers, financial account numbers, and health information.

On June 12, 2025, the Akira ransomware group claimed responsibility for the attack on their Tor-based leak site. They stated they had obtained approximately 7 GB of Patron’s data, including personal information, financial data, contracts, agreements and non-disclosure agreements.

Patron Insurance Services’ response

After discovering the incident, Patron Insurance Services changed all user passwords, restored operations from clean backups and implemented additional endpoint monitoring and detection tools. The company has begun notifying affected individuals by mail and is offering free Haystack credit monitoring and identity protection services.

If you receive a data breach notice from Patron Insurance Services, you may want to:

• Sign up for the free credit monitoring and identity protection services, offered by the company.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

Patron also set up a dedicated helpline for individuals with questions at 888-844-1254 from 8:00 am to 11:00 pm, Monday through Friday, and 9:00 am to 6:00 pm Saturday, Easter time.

More information about the company and can be found on the Patron Insurance Services website.