Insurance Office of America Data Breach
Insurance Office of America Brokerage Breach (2025): 144K Client SSN & Contact Records Exposed
Insurance brokerage and risk management services firm.
Risk Interpretation
High risk of identity theft, insurance fraud, claims impersonation, and financially themed phishing. Brokerage data can also reveal corporate insurance relationships and personal risk profiles.
Impact & Downstream Threats
Direct institutional cost to IOA is mounting. The company faces multistate attorney-general filings, a class-action litigation pipeline, and the operational burden of customer notification six months after the underlying intrusion. The lengthy gap between incident discovery and public notification has drawn critical commentary, particularly because the Daixin Team had publicly claimed the attack within days. IOA has engaged outside cybersecurity counsel and is offering credit monitoring services
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
Threat Vectors
Breach Intelligence
Executive Summary
Insurance Office of America, one of the largest privately held independent U.S. insurance brokerages, suffered a cybersecurity incident between June 25 and June 30, 2025. The company identified the unauthorized access on June 30 and engaged external cybersecurity specialists to investigate. The Daixin Team, a ransomware and extortion group active since 2022, claimed responsibility on a dark-web leak site on July 2, 2025, asserting it had obtained more than 100,000 internal documents.\n\nThe breach was formally disclosed to multiple state attorneys general beginning January 16, 2026, more than six months after the original intrusion. Have I Been Pwned and other breach-tracking services index approximately 144,000 records, while IOA's internal estimates initially put the affected population at around 12,900 individuals. Compromised fields include names, email addresses, phone numbers, and Social Security numbers. As an insurance brokerage handling commercial and individual client policies, IOA's records also include employer relationships and policy details, although those broader categories were not specifically named in the public disclosure.\n\nFor affected individuals, the practical risk is concentrated in identity-fraud and insurance-themed phishing scenarios. The combination of name, phone number, and Social Security number is a strong base for fraudulent credit applications, tax-return fraud, and identity-verification bypass. Insurance-specific scams referencing real coverage, policy numbers, or employer benefits programs are a particular concern given the brokerage context. Affected individuals should accept the credit monitoring offered by IOA, freeze credit at all three U.S. bureaus, monitor financial accounts closely, and remain alert to unsolicited messages purporting to come from IOA, current or former employers' benefits programs, or insurance carriers.
About Insurance Office of America
Insurance Office of America (IOA) is one of the largest privately held independent insurance brokerage and risk-management firms in the United States. Founded in 1988 and headquartered in Longwood, Florida, the company provides insurance placement and advisory services to commercial and personal clients, including risk assessment, claims advocacy, and employee benefits programs. Operating offices in dozens of locations nationwide, IOA serves a wide spectrum of clients ranging from small businesses to large enterprises and high-net-worth individuals. As an insurance broker, the firm collects identity, employer, financial, claims, and beneficiary records as part of routine policy placement and administration workflows.
Why They Hold Your Data
Insurance brokerages collect identity, policy, claims, contact, financial, and employer-linked records across advisory, placement, and client-service workflows.
Recent Developments
IOA discovered the breach on June 30, 2025 and engaged external cybersecurity experts to investigate and contain the intrusion. The company filed formal breach disclosures with multiple state attorneys general including those of California, Maine, Massachusetts, New Hampshire, and Texas in mid-January 2026, roughly six and a half months after the original incident, and began written notifications to affected individuals on the same date. The Daixin Team, a ransomware and extortion group active since 2022, claimed responsibility on the dark web on July 2, 2025. U.S. plaintiff law firms began organizing class-action investigations following the January 2026 disclosures. IOA is offering free credit monitoring to affected individuals.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, full_name, phone_number, ssn
Dark Web Verification
- Dataset containing ~144K records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: ioausa-2025
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Insurance Office of America
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam