Leak at Autosur & Diagnosur
In March 2025, French vehicle-inspection network Autosur (Diagnosur brand) disclosed a breach exposing data on roughly 10.7 million customers — names, postal and email addresses, phone numbers, and detailed vehicle records including registration plates and VINs — later offered for sale online.
- Victim
- Autosur & Diagnosur
On 24 March 2025, Autosur — one of France's largest vehicle technical-inspection networks, which also operates under the Diagnosur brand — disclosed a major data breach. The company detected unauthorized access to customer data around 16 March 2025 and began notifying affected users by email on 28 March, after a threat actor advertised the stolen database on the BreachForums cybercrime forum.
The leak exposed personal and vehicle information for roughly 10.7 million customers, spread across more than 12 million rows of data (about 487,000 unique email addresses). Beyond identity details, the dataset included clear-text technical records on customers' vehicles, making it valuable for identity theft, phishing, and automotive fraud.
Exposed data categories included:
- Full names (first and last)
- Postal addresses
- Email addresses
- Phone numbers
- Vehicle details: registration plates, VINs, make, model, and prior inspection results
- Hashed passwords
The attacker offered the database for sale for roughly $5,000–$7,500 in Monero (XMR). Autosur published a public notice on the incident and filed a criminal complaint; French authorities, including ANSSI, were involved in the investigation. The breach was later catalogued by Have I Been Pwned in December 2025.
Sources
- autosur.frhttps://www.autosur.fr/information-fuite-de-donnees/
- zataz.comhttps://www.zataz.com/fuite-massive-de-donnees-chez-autosur-plus-de-12-millions-de-dossiers-exposes/
- largus.frhttps://www.largus.fr/actualite-automobile/cyberattaque-chez-autosur-une-fuite-de-donnees-d-ampleur-touche-les-clients-du-controle-technique-30039603.html
- haveibeenpwned.comhttps://haveibeenpwned.com/Breach/AUTOSUR