Leak at Direct Assurance
In November 2024, French online insurer Direct Assurance was breached via a compromised employee account, exposing personal data of roughly 15,000 clients and prospects — including the IBAN/RIB banking details of about 5,800 of them — later offered for sale online.
- Victim
- Direct Assurance
- records
- 15.0K
On 19 November 2024, Direct Assurance — the online auto and home insurance arm of AXA in France — was reported to have suffered a data breach after an attacker compromised the credentials of one of its employees. The intrusion was traced to 14 November 2024, and the stolen records were subsequently advertised for sale on a hacking forum by an actor going by "near2tlg".
The attacker claimed to have exfiltrated the personal data of 6,137 clients and 9,517 prospects — roughly 15,000 people in total — with the banking details (IBAN/RIB) of about 5,800 of them included. The dataset was offered to a limited number of buyers in JSON format.
Exposed data categories included:
- Full names
- Email addresses
- Phone numbers
- Banking details (IBAN/RIB) — for clients only
The breach exposes affected individuals to a heightened risk of phishing, banking fraud, and identity theft. The same actor was linked to a series of other 2024 attacks against French targets, including SFR, the news outlet Le Point, and healthcare data. Direct Assurance moved to revoke the compromised access; the incident appears contained, though full details of the company's response were not publicly confirmed at the time of reporting.
Sources
- zataz.comhttps://www.zataz.com/cyberattaque-sur-direct-assurance-un-pirate-parle-de-milliers-de-clients-et-prospects-exposes/
- usine-digitale.frhttps://www.usine-digitale.fr/article/25-11-2024-les-donnees-personnelles-de-15-000-clients-de-direct-assurance-volees-par-un-hacker.N2222992