Assuréa: leak of 150 GB of data (140k leads and 11k contracts)
In April 2026, the DumpSec group claimed to have stolen roughly 150 GB of data from Assuréa, an auto-insurance broker in the Meilleurtaux group, exposing some 139,000 clients, contract records and 11,000+ documents containing IBANs.
- Victim
- Assuréa
On 15 April 2026, Assuréa — an auto-insurance broker that is part of the French Meilleurtaux group — was named as the victim of a large-scale data theft after the threat group DumpSec claimed on specialised forums to be holding a roughly 150 GB database extracted from its systems. The trove reportedly spans eight years of activity, from 2018 to 2026, and was published or offered for sale as proof of the intrusion.
The exact intrusion method has not been disclosed, but DumpSec advertised unauthorised access to Assuréa's internal systems and dumped sample data to substantiate the claim. The leak is described as covering around 139,000 unique auto-insurance clients, more than 11,000 PDF documents containing banking details (IBANs), and over two million messages with attachments, with contracts tied to major insurers including AXA, Allianz, Generali, Swiss Life and AIG.
Exposed data categories reportedly include:
- Identity and contact details (name, email, phone, date and place of birth)
- Residential and vehicle information
- Insurance and claims history, contract numbers and insurer names
- Driving records (licence dates, violations and incidents)
- Banking data (IBANs) in the 11,000+ PDF documents
As of disclosure the breach remains ongoing: the data was reported to be in circulation or up for sale, and the full authenticity of the dataset had not been independently confirmed. Coverage urged affected clients to be especially wary of targeted phishing and fraud attempts referencing their insurance details.
Sources
- cyberattaque.orghttps://www.cyberattaque.org/assurea-fuite-de-150-go-de-donnees-140k-leads-et-11k-contrats/
- larevuedudigital.comhttps://www.larevuedudigital.com/le-courtier-meilleurtaux-victime-dun-vol-de-donnees-personnelles/
- usine-digitale.frhttps://www.usine-digitale.fr/article/le-courtier-meilleurtaux-victime-d-une-cyberattaque-des-donnees-sensibles-exposees.N2219647
- next.inkhttps://next.ink/brief_article/meilleurtaux-laisse-aussi-fuiter-une-ribambelle-de-donnees-personnelles/