Leak at Autosur
Autosur, a major French vehicle-inspection network, suffered a data breach exposing personal and vehicle records of millions of customers — names, emails, postal addresses, phone numbers, license plates and vehicle details — advertised for sale on a cybercrime forum.
- Victim
- Autosur
On 26 May 2025, Autosur — one of France's largest networks of vehicle technical-inspection (contrôle technique) centres — was confirmed to have suffered a major data breach affecting millions of its customers. The company stated it had identified unauthorized access to certain data on 16 March 2025, after a threat actor advertised a large Autosur customer database for sale on the BreachForums cybercrime forum.
The stolen dataset contained extensive personal information drawn from the company's inspection records. Reported figures for the number of affected customers vary widely across sources, from roughly 4 million to more than 10 million records advertised by the seller.
Exposed data categories included:
- Full names (first and last)
- Email addresses
- Postal addresses
- Phone numbers
- Vehicle license-plate (registration) numbers
- Vehicle details: make, model, identification/serial numbers and prior inspection results
Autosur stated that no banking or payment-card data was involved, as it does not store such information. The company warned customers to stay alert to identity theft, phishing and fraud attempts. It reported the incident to France's data-protection regulator (the CNIL) and filed a complaint with the police.
Sources
- autosur.frhttps://www.autosur.fr/information-fuite-de-donnees/
- usine-digitale.frhttps://www.usine-digitale.fr/article/autosur-victime-d-une-fuite-de-donnees-4-millions-de-clients-concernes.N2229728
- largus.frhttps://www.largus.fr/actualite-automobile/cyberattaque-chez-autosur-une-fuite-de-donnees-d-ampleur-touche-les-clients-du-controle-technique-30039603.html
- haveibeenpwned.comhttps://haveibeenpwned.com/Breach/AUTOSUR