HomeIntelligenceBrief
BREACH BRIEF🟠 High Breach

Aura Data Breach Exposes 900,000 Marketing Contacts via Voice‑Phishing Attack

Aura confirmed that a vishing attack on an employee resulted in the theft of nearly 900k marketing‑tool records, including names, emails, addresses and phone numbers. The breach underscores third‑party supply‑chain risks for identity‑protection SaaS providers.

LiveThreat™ Intelligence · 📅 March 19, 2026· 📰 bleepingcomputer.com
🟠
Severity
High
BR
Type
Breach
🎯
Confidence
High
🏢
Affected
3 sector(s)
Actions
3 recommended
📰
Source
bleepingcomputer.com

Aura Data Breach Exposes 900,000 Marketing Contacts via Voice‑Phishing Attack

What Happened — Aura, a consumer identity‑protection SaaS, confirmed that a voice‑phishing (vishing) attack on an employee led to unauthorized access and exfiltration of nearly 900,000 marketing‑tool records. The leak includes full names, email addresses, home addresses, phone numbers, IP addresses and service‑center comments for roughly 35 k Aura customers and 865 k other contacts.

Why It Matters for TPRM

  • Large‑scale PII exposure creates phishing and credential‑stuffing risk for downstream partners.
  • The breach originated from a third‑party marketing platform inherited through an acquisition, highlighting supply‑chain data‑handling gaps.
  • Threat‑actor ShinyHunters publicly released the data, increasing reputational and regulatory pressure on Aura and any organizations that share its services.

Who Is Affected — Consumer‑facing identity‑protection SaaS providers, marketing‑tool vendors, and any enterprises that integrate Aura’s identity‑verification APIs.

Recommended Actions — Review contracts and data‑flow diagrams for Aura‑related services, verify that third‑party marketing data is segmented, and confirm that MFA and phishing‑resistance controls are enforced for all Aura accounts.

Technical Notes — Attack vector: voice‑phishing (vishing) that compromised employee credentials. No known CVEs; data types exposed: names, emails, physical addresses, phone numbers, IP addresses, and service‑center comments. Financial data, SSNs, and passwords were not compromised. Source: BleepingComputer

📰 Original Source
https://www.bleepingcomputer.com/news/security/aura-confirms-data-breach-exposing-900-000-marketing-contacts/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · SOC 2 Readiness

Could you prove your access controls held up here?

Credential and access failures map directly to SOC 2 access-control criteria. The Verisq AI Trust Operations platform shows where your evidence is thin before an auditor — or an attacker — finds out.

Explore the Verisq AI Trust Operations platform →