This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Prosura

Summary

Prosura, an Australian insurance provider specialising in rental car excess insurance, disclosed a data breach on 4 January 2026 after detecting unauthorised access to its internal systems. The breach exposed customer names, contact details, policy information, and driver's license images for those who had previously made claims. The attacker has contacted some customers directly in an attempt to pressure the company.

What Happened

On 3 January 2026, Prosura identified that an unknown attacker had gained unauthorised access to portions of their internal IT systems. The company immediately engaged external cybersecurity experts to investigate the incident and implement enhanced security measures.

The attacker has engaged in aggressive tactics, including directly contacting some Prosura customers via fraudulent emails. These emails reference older, completed policies and appear designed to pressure both the company and affected individuals.

As a precautionary measure, Prosura temporarily disabled key online functions including the ability to purchase policies, submit or manage claims, and access the customer self-service portal while the investigation continues.

Impact on Individuals

The breach potentially exposed customer information including names, email addresses, phone numbers, physical addresses, country of residency, travel destinations and dates, policy start and end dates, and invoicing information. For customers who previously made claims, the breach may also have exposed driver's license images submitted as supporting documentation.

The exposure of driver's license images creates a risk of identity theft, as these documents contain enough information to facilitate fraudulent applications for credit or government services. Combined with contact information and travel details, the compromised data could also be used for targeted phishing attacks or physical crimes.

Prosura has stated there is no indication that payment information, including credit card details, was accessed. The company does not store credit card information in its systems.

Some customers have received fraudulent emails from the attacker claiming responsibility for the breach and referencing their policy details. Prosura has advised customers not to respond to suspicious communications and to contact [email protected] if they receive such messages.

Organisational Response

Upon discovering the breach, Prosura immediately notified the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC). The company engaged external cybersecurity specialists to investigate the incident and has implemented enhanced monitoring systems to detect further unauthorised activity.

Prosura temporarily suspended online services as a precautionary measure while securing their environment. The company has assured customers that all active policies remain valid and coverage continues for travellers.

The company is providing ongoing updates via its website and has established a dedicated support email ([email protected]) for customer enquiries related to the incident.

Verification Source: View original statement