Aura Data Breach: Vishing Attack Exposes 900,000 Marketing Records
Learn More
Aura, a consumer digital safety and identity protection firm, reports a data breach in March 2026 after a successful social engineering attack.
The incident was caused by a voice phishing (vishing) campaign that targeted an Aura employee, allowing attackers to gain access to a corporate account for approximately one hour.
The ShinyHunters gang claimed responsibility for the intrusion on their dark web site, claiming they stole 12GB of files after the company allegedly refused to meet ransom demands.
The attackers exploited the compromised employee credentials to access a legacy marketing tool. This specific platform was inherited by Aura during its 2021 acquisition of another company and contained historical marketing data. The compromised data includes:
- Full names
- Email addresses
- Home addresses
- Phone numbers
- Customer service comments
- IP addresses
The number of affected individuals includes approximately 901,000 total records, but Aura reports that only 20,000 active and 15,000 former customers were impacted. The remaining records consist of marketing contacts from the acquired entity (which are still people, just apparently not people Aura cares about in the same way).
The company hired external cybersecurity and legal experts to assist in the investigation and notified law enforcement authorities. Aura stated that its internal security architecture, which segregates and encrypts sensitive PII, successfully limited the scope of the exposure. The Have I Been Pwned service has already integrated the leaked data into its database for user verification.
