Overview
- youX said it identified unauthorised access by a third party, began an investigation, increased monitoring, and kept Australia’s privacy regulator informed.
- A threat actor released a preview of a claimed 141GB dataset and threatened staged dumps as part of an extortion attempt.
- The hacker claims the cache covers 444,538 borrowers, 629,597 loan applications, about 229,000 driver licences, 607,822 addresses, data from 797 broker organisations, and more than 8,000 password hashes.
- The attacker says the data came from an unsecured MongoDB Atlas instance tied to over 90 lenders, a claim linked to a 2025 researcher alert that youX says was fixed.
- Rapid7 warned the aggregated information is highly usable for targeted phishing, fraud, and downstream account takeovers beyond the original platform.