Aura
March 18, 2026
•[ voice phishing, vishing, data leak ]
BleepingComputer reported Aura confirmed an incident where an unauthorized party gained access to nearly 900,000 records containing names and email addresses. Aura said the incident was caused by voice phishing targeting an employee and that the exposed data originated from a marketing tool used by a company acquired in 2021. Aura stated the event exposed information for 20,000 current and 15,000 former customers within the larger marketing dataset and that compromised customer information includes full names, email addresses, home addresses, and phone numbers, while emphasizing SSNs, account passwords, and financial information were not compromised. ShinyHunters claimed responsibility and said it stole 12GB of files and leaked them.
Aura
March 6, 2026
•[ data leak, PII exposure, marketing tool breach ]
In March 2026, the online safety service Aura disclosed a data breach that exposed 900k unique email addresses. The data was primarily associated with a marketing tool from a previously acquired company, with fewer than 20k active Aura customers affected. Exposed data included names, phone numbers, physical and IP addresses, and customer service notes. Aura advised that no Social Security numbers, passwords or financial information were compromised.
