youX, an Australian B2B FinTech platform formerly known as Drive IQ, has allegedly been compromised in a severe data breach. According to an anonymous extortion post, the exfiltration includes 141GB of data from a MongoDB Atlas cluster, exposing extensive personal and financial information belonging to hundreds of thousands of unique borrowers and broker organizations. The attackers claim they are publishing a “breach preview” involving smaller broker organizations after the company refused an extortion demand to pay for the data’s deletion. Notably, the threat actors referenced a previous March 2025 disclosure by white-hat security researcher claiming that youX failed to properly remediate the systemic vulnerabilities—such as active 2021 credentials and unrotated JWT signing secrets—identified at that time.
The allegedly compromised data includes:
-
Personal and financial details for 444,538 unique borrowers (including full names, dates of birth, physical addresses, email addresses, phone numbers, government IDs, and notes on financial difficulties)
-
629,597 loan applications detailing income, expenses, liabilities, assets, employment status, marital status, and dependents
-
229,236 Australian driver’s licence numbers
-
607,822 residential addresses
-
Data on 797 broker organizations, including ABNs, banking details, staff directories, and full customer portfolios
-
8,075 WordPress password hashes for broker employees
-
397,716 SMS conversations between brokers and customers
-
105,934 VIN-to-licence-plate mappings
-
Production credentials, including MongoDB connection strings, JWT signing secrets, and multiple downstream organization passwords
Daily Dark WebRead More
R1
T1
