Skip to content
Data breachOngoing

Assuréa: leak of 150 GB of data (140k leads and 11k contracts)

In April 2026, the DumpSec group claimed to have stolen roughly 150 GB of data from Assuréa, an auto-insurance broker in the Meilleurtaux group, exposing some 139,000 clients, contract records and 11,000+ documents containing IBANs.

Victim
Assuréa

On 15 April 2026, Assuréa — an auto-insurance broker that is part of the French Meilleurtaux group — was named as the victim of a large-scale data theft after the threat group DumpSec claimed on specialised forums to be holding a roughly 150 GB database extracted from its systems. The trove reportedly spans eight years of activity, from 2018 to 2026, and was published or offered for sale as proof of the intrusion.

The exact intrusion method has not been disclosed, but DumpSec advertised unauthorised access to Assuréa's internal systems and dumped sample data to substantiate the claim. The leak is described as covering around 139,000 unique auto-insurance clients, more than 11,000 PDF documents containing banking details (IBANs), and over two million messages with attachments, with contracts tied to major insurers including AXA, Allianz, Generali, Swiss Life and AIG.

Exposed data categories reportedly include:

  • Identity and contact details (name, email, phone, date and place of birth)
  • Residential and vehicle information
  • Insurance and claims history, contract numbers and insurer names
  • Driving records (licence dates, violations and incidents)
  • Banking data (IBANs) in the 11,000+ PDF documents

As of disclosure the breach remains ongoing: the data was reported to be in circulation or up for sale, and the full authenticity of the dataset had not been independently confirmed. Coverage urged affected clients to be especially wary of targeted phishing and fraud attempts referencing their insurance details.

Sources

  1. cyberattaque.orghttps://www.cyberattaque.org/assurea-fuite-de-150-go-de-donnees-140k-leads-et-11k-contrats/
  2. larevuedudigital.comhttps://www.larevuedudigital.com/le-courtier-meilleurtaux-victime-dun-vol-de-donnees-personnelles/
  3. usine-digitale.frhttps://www.usine-digitale.fr/article/le-courtier-meilleurtaux-victime-d-une-cyberattaque-des-donnees-sensibles-exposees.N2219647
  4. next.inkhttps://next.ink/brief_article/meilleurtaux-laisse-aussi-fuiter-une-ribambelle-de-donnees-personnelles/

Related incidents

Data breachUnknown

23,685 records: claimed leak at ATOA

A threat actor put a database from ATOA — a French real-estate tokenization and fractional-investment fintech — up for sale on a dark web forum, exposing roughly 23,685 user and financial records plus 326 full KYC archives containing passports, ID cards and banking details.

Victim
ATOA
Records
23.7K