ONLY ON San Jose woman discovers security breach in State Farm app

David Louie Image
ByDavid Louie KGO logo
Wednesday, June 10, 2015
EXCLUSIVE: San Jose woman discovers security breach on State Farm app
A State Farm policyholder in San Jose was alarmed by an apparent security breach that she discovered while using the company's app, Pocket Agent.

SAN JOSE, Calif. (KGO) -- A State Farm policyholder in San Jose was alarmed by an apparent security breach.

Kristin DeWester checks her coverage and pays her insurance bill using State Farm's mobile app, called Pocket Agent. When she logged in Monday, she got someone else's information, which she documented and shared with ABC7 News details.

She logged off and signed in again and that's when she really became alarmed. There were details on other customers.

"The worst part, which really scared me and has caused me to lose a lot of trust, is I could see their Roth IRA account and I could see how much money they had in their Roth IRA account," DeWester said.

A dishonest person could transfer those funds.

State Farm declined an on-camera interview with ABC7 News but issued a statement. "We believe the cause of the issue was an internal systems update and it was addressed in a matter of hours. Based upon our current knowledge, we believe the impact is limited," the company said.

DeWester says the functionality is still limited, and she hasn't gotten answers when she called State Farm.

"How can I not worry? Who has my information if I have their information?" DeWester said.

DeWester said State Farm had no answers for her.

The State Farm security breach isn't confined to the Bay Area. A customer in South Texas had a similar experience a few days ago. Elizabeth Gonzalez saw personal details about another Elizabeth Gonzalez.

"I know what kind of car she drives. I know where she banks. I know her routing number," Gonzalez said.

Local State Farm agents say they haven't heard about the breach, but it has Kristin DeWester so concerned she may move her three policies elsewhere.