GEICO 2021 Data Breach Lawsuit Investigation: Was Your Driver's License Number Exposed?

Last Updated on March 7, 2023

Investigation Complete

Attorneys working with ClassAction.org have finished their investigation into this matter.

Check back for any potential updates and take a look at our open investigations here. The information on this page is for reference only.

View List of Lawsuits
Comments |

At A Glance

This Alert Affects:
Anyone who received a letter from GEICO in or around April 2021 stating that their driver’s license number may have been exposed as part of a data breach and used to fraudulently apply for unemployment benefits.
What’s Going On?
Attorneys working with ClassAction.org are investigating whether a class action lawsuit can be filed against GEICO over the data breach – but first, they need to hear from drivers who may have been affected.
How Could a Class Action Help Me?
A class action lawsuit could force GEICO to strengthen its data protection measures and help drivers recover money for damages, including time spent dealing with the effects of the data breach and the cost of ongoing identity protection services.

Attorneys working with ClassAction.org would like to speak with anyone who received a letter from GEICO in or around April 2021 that stated their driver’s license number may have been compromised and used to fraudulently apply for unemployment benefits.

They are investigating whether a class action lawsuit can be filed against GEICO for failing to take adequate steps to protect consumers’ personal information – but they need your help to move forward.

What Could I Get from a Class Action Lawsuit?

While GEICO has offered one year of free identity theft and credit monitoring services, attorneys believe that this offer is not enough to compensate those who may have had their driver’s license numbers exposed. Drivers could be at risk for identity theft and fraud for years beyond the data breach and the filing of fake unemployment claims – and a class action lawsuit could help recover the cost of additional damages.

For instance, if filed and successful, a class action lawsuit could provide money for:

  • Time spent dealing with the effects of the data breach
  • The cost of additional credit monitoring and identity theft protection services
  • Loss of privacy
  • Fraudulent charges
  • Damaged credit

Statutory damages, which refer to an additional amount of money available by law for a specific violation, could also be recovered in a class action.

2021 GEICO Data Breach: What Happened?

In April 2021, GEICO notified an unknown number of customers that between January 21, 2021 and March 1, 2021 scammers may have acquired their driver’s license numbers through the auto insurer’s online sales system.

Auto insurance companies share claims data with one another to help “weed out” bad drivers, a New York Times article reports, and can even purchase the following information on consumers:   

  • Drivers’ license numbers
  • Current auto policy details
  • Vehicle make and model

Using this information, auto insurance companies have made it quicker and easier for consumers to get instant quotes online by allowing certain form fields to be automatically populated; however, this has also made it easier for scammers to obtain consumers’ personal information.

For instance, one letter from the New York State Cybersecurity Division states that two auto insurers who provided instant quotes online allowed criminals to access consumers’ partial or redacted drivers’ license numbers after entering a valid name, “any date of birth” and “any address information.”

They were able to capture entire license numbers via more complex means, such as using developer debugging tools or accessing unredacted information from the HTML.

It is believed in the GEICO breach that scammers used information they stole elsewhere to fill out these forms and obtain drivers’ license numbers to apply for unemployment benefits. While it’s estimated that about $3 billion is lost in fraudulent unemployment claims per year, reports indicate that this number has ballooned to about $200 billion during the COVID-19 pandemic.

In its notice, GEICO encouraged its customers to be on the lookout for any unexpected correspondence from their state’s unemployment agency and to monitor their accounts and credit reports for any suspicious activity.

Before commenting, please review our comment policy.