A database allegedly belonging to U.S. digital-first auto insurer Clearcover has been listed for sale on a cybercrime forum, with the seller claiming it contains approximately 448,000 customer records. The claims have not been independently verified by BreachNews.
According to the forum listing, the purported dataset contains 448,603 records dating from June 25, 2026. The seller claims the information was obtained from Clearcover and is being offered for sale only once.
Alleged customer and vehicle data exposed
The seller claims the exposed dataset includes customer names, street addresses, cities, states, ZIP codes, vehicle make, model, model year, body style, vehicle identification numbers (VINs), vehicle categories, and odometer readings.
Unlike many breach claims involving only contact information, the alleged dataset links personally identifiable information with detailed vehicle information. While the samples do not include Social Security numbers, payment card data, or insurance policy details, the combination of home addresses and VINs could increase the risk of targeted phishing, insurance fraud, vehicle-related scams, and other forms of identity abuse if authentic.
Seller claims hundreds of thousands of records
The forum post describes Clearcover as a digital-first insurer serving customers primarily through its website and mobile application. Sample records shared by the seller appear to include U.S. customer names alongside corresponding vehicle information and addresses. BreachNews has redacted the sample data and has not verified its authenticity.
The alleged exposure follows a steady stream of unverified breach listings targeting insurance providers and organizations that maintain large volumes of customer data. Earlier this month, BreachNews reported on an alleged Allianz exposure involving source code and credentials, underscoring the continued interest cybercriminals show in organizations across the insurance sector.
At the time of publication, Clearcover had not issued any public statement regarding the alleged breach.
BreachNews will post an update if Clearcover confirms the incident, disputes the claims, or additional evidence becomes available.
