What happened to ClaimPix?

ClaimPix was found to be exposing over 5 million records containing personally identifiable information and confidential documents through an unencrypted publicly accessible database. The leak exposed 5,170,256 files totaling approximately 10 terabytes of data.

What type of data was exposed in the ClaimPix breach?

The exposed data included names and physical addresses, phone numbers and email addresses, powers of attorney documents (nearly 16,000 documents), vehicle registration information, VIN numbers and license plate data, repair invoices and damage estimates, images of damaged vehicles with visible identifying information, IP addresses of individuals who signed electronic documents, insurance policy information and claim details, internal software license agreements, driver's licenses and proof of insurance cards, and partial credit card information.

What caused the ClaimPix data breach?

The cause of the leak was an unencrypted publicly accessible database that was not properly secured, allowing unauthorized access to sensitive personal and financial information.

What are the potential risks from the ClaimPix data breach?

The database contained nearly 16,000 powers of attorney documents which can be modified to enable fraudulent transactions if misused. The exposed personal information could also be used for identity theft, insurance fraud, and other malicious activities given the comprehensive nature of the data including names, addresses, vehicle information, and partial credit card details.

Incident

Auto insurance platform ClaimPix exposes over 5 million records containing sensitive personal documents

Q: What is ClaimPix?

ClaimPix is an Illinois-based auto insurance platform that operates as a platform for managing and filing auto insurance claims across the United States. The company provides white-labeled solutions that allow insurance companies to send customers links through their portal, enabling mobile device photo uploads for required documentation such as vehicle damage assessments, license plates, VIN numbers, and proof of coverage documents.

Q: How many people were affected by the ClaimPix breach?

The number of affected individuals is not disclosed, but many documents contained information about multiple parties including vehicle owners, insurance policyholders, and authorized representatives. The breach exposed over 5 million records in total.

Q: How did ClaimPix respond to the data breach?

ClaimPix responded by acknowledging the security issues and confirming the findings. The company stated that they had investigated the matter and implemented policy updates and code changes to address the issue. The database was restricted from public access shortly after the initial notification.

published: Sept. 23, 2025

Learn More

ClaimPix, an Illinois-based auto insurance platform, was found to exposing over 5 million records containing personally identifiable information and confidential documents.

ClaimPix operates as a platform for managing and filing auto insurance claims across the United States. The company provides white-labeled solutions that allow insurance companies to send customers links through their portal, enabling mobile device photo uploads for required documentation such as vehicle damage assessments, license plates, VIN numbers, and proof of coverage documents. The platform serves insurance companies, vehicle transportation services, and related businesses throughout the automotive insurance ecosystem.

The leak was discovered and reported by cybersecurity researcher Jeremiah Fowler on September 23, 2025. The cause of the leak was an unencrypted publicly accessible database. The database exposed 5,170,256 files totaling approximately 10 terabytes of data. Exposed data includes:

Names and physical addresses
Phone numbers and email addresses
Powers of attorney documents (nearly 16,000 documents)
Vehicle registration information
VIN numbers and license plate data
Repair invoices and damage estimates
Images of damaged vehicles with visible identifying information
IP addresses of individuals who signed electronic documents
Insurance policy information and claim details
Internal software license agreements
Driver's licenses and proof of insurance cards
Credit card information (partial)

The number of affected individuals is not disclosed but many documents contained information about multiple parties including vehicle owners, insurance policyholders, and authorized representatives. The database also had nearly 16,000 powers of attorney documents which can be modified to enable fraudulent transactions if misused.

ClaimPix responded acknowledging the security issues and confirming the findings. The company stated that they had investigated the matter and implemented policy updates and code changes to address the issue. The database was restricted from public access shortly after the initial notification.

Auto insurance platform ClaimPix exposes over 5 million records containing sensitive personal documents

Read More
Pax8 Data Leak Exposes 1,800 MSP Partners
Hackers breach ConnectWise ScreenConnect environment, affecting multiple cloud …
EmEditor website compromised to distribute Infostealer malware
MyLovely.AI Data Breach Exposes Intimate Content and Personal …
Mogilevich hacking group claims attack on Epic Games, …