CarGurus Data Breach Exposes 12.5 Million User Records in Alleged ShinyHunters Compromise

Summarize with:

ChatGPT Claude.ai Google AI Grok Perplexity

Add as preferred source on Google

Automotive marketplace CarGurus suffered a data breach in February 2026, which resulted in the exfiltration of a massive dataset containing personally identifiable information (PII). On February 22, 12.5 million email addresses were added to the Have I Been Pwned (HIBP) breach notification service.

Automotive Marketplace Breach Details: ShinyHunters Cyberattack

Following an unsuccessful ShinyHunters extortion attempt against the company, the threat actors publicly released the compromised data, according to HIBP. The alleged compromised data dump is extensive, impacting multiple facets of the platform's user base. 

The breach reportedly includes several distinct files containing user account ID mappings, dealer account details, subscription information, and sensitive data from finance pre-qualification applications. 

The exposed PII includes:

• full names, 
• email addresses, 
• phone numbers,
• physical addresses, 
• IP addresses. 

ShinyHunters claimed in their post that "other internal corporate data" was also stolen, amounting to more than 17 million records.

Data Security Implications in the Automotive Industry

Online marketplaces like CarGurus aggregate vast quantities of valuable consumer and commercial data, making them high-value targets for threat actors. Reports say ShinyHunters suggested the breach occurred on February 13, as part of the group’s custom PhaaS kit vishing campaign targeting Okta SSOs. 

Organizations in this sector need to implement robust security controls, including multi-factor authentication (MFA) and stringent access management, to protect against such damaging cyberattacks.

TechNadu reported earlier this month that automotive giant Volvo exposed employee information via a Conduent data breach, and INC Ransom claimed an attack on automotive supplier Yazaki Group in December.

Related

Top Cybersecurity News of the Week: Impersonation, Vulnerabilities, and AI Rewire The Cyber Playbook as Governments and Industry Respond

NHS Scotland Domain Breached to Host Adult Content and Illegal Sports Streams, Exposing Infrastructure Vulnerabilities

Hackers Hired to Target Android, iCloud of Egyptian, Lebanese Journalists and Activists

Eurail Data Breach Exposes 300,000 Passports, Impacts DiscoverEU Program

WireGuard VPN Developer Faces Update Block Due to Microsoft Account Lock

SaaS Notification Pipeline Abuse, GitHub Phishing Campaigns, and Jira Notification Hijacking Increased, Cisco Talos Warns 

Your Weekly Cybersecurity Briefing

Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.

Subscribe for Free

Please enter a valid email address.

Most Popular

Top Cybersecurity News of the Week: Impersonation, Vulnerabilities, and AI Rewire The Cyber Playbook as Governments and Industry Respond

NHS Scotland Domain Breached to Host Adult Content and Illegal Sports Streams, Exposing Infrastructure Vulnerabilities

Hackers Hired to Target Android, iCloud of Egyptian, Lebanese Journalists and Activists

Eurail Data Breach Exposes 300,000 Passports, Impacts DiscoverEU Program

WireGuard VPN Developer Faces Update Block Due to Microsoft Account Lock

SaaS Notification Pipeline Abuse, GitHub Phishing Campaigns, and Jira Notification Hijacking Increased, Cisco Talos Warns 

Top Cybersecurity News of the Week: Impersonation, Vulnerabilities, and AI Rewire The Cyber Playbook as Governments and Industry Respond

NHS Scotland Domain Breached to Host Adult Content and Illegal Sports Streams, Exposing Infrastructure Vulnerabilities

Hackers Hired to Target Android, iCloud of Egyptian, Lebanese Journalists and Activists

Eurail Data Breach Exposes 300,000 Passports, Impacts DiscoverEU Program

WireGuard VPN Developer Faces Update Block Due to Microsoft Account Lock

SaaS Notification Pipeline Abuse, GitHub Phishing Campaigns, and Jira Notification Hijacking Increased, Cisco Talos Warns