Australian rental car insurance provider Prosura has confirmed it is responding to a significant cybersecurity incident after unauthorised access to parts of its computer systems resulted in some customers being contacted by an alleged threat actor and receiving fraudulent emails.

Prosura, which sells excess insurance policies for rental vehicles and also trades as Hiccup through the VroomVroomVroom platform, said it first detected suspicious activity on its systems on 3 January 2026. In response, the company temporarily disabled key online services, including its customer self-service portal and the ability to purchase or manage policies, while it investigates and secures its environment.

Data Potentially Exposed

In a statement on its website, Prosura acknowledged that unauthorised access may have exposed personal and policy information. The data potentially impacted includes names, email addresses, phone numbers, country of residence, travel destinations, invoicing and pricing details, as well as policy start and end dates. For some customers who had lodged claims, additional information — including driver licence details and related images — may also have been compromised.

The company said there is no indication that credit card or payment details were accessed, noting it does not store such information.

Threat Actor Contact and Fraudulent Messages

Prosura confirmed that some customers received fraudulent emails purportedly about older, completed policies. These messages referenced the incident and, in some cases, directed recipients to contact third-party email addresses. The company has urged customers not to reply to suspicious emails or engage with unsolicited phone calls or text messages.

According to reporting by ABC News, an email seen by journalists from someone claiming to be responsible for the breach stated the systems had been breached on New Year’s Day and threatened to leak consumer information unless contact was made.

Company Response and Customer Advice

Prosura’s founder and managing director, Mike Boyd, said the company is conducting an urgent review of its systems and has put additional security measures in place to prevent future incidents. Authorities, including the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC), have been notified, with further notifications to regulators to follow as required.

Prosura reassured policyholders that existing cover remains in place for active policies and that travel plans can proceed as usual, even while services are offline. Customers needing claims support are being asked to contact the insurer directly via its support email with “Claim” in the subject line.

Broader Cyber Risk Context

The incident adds to a series of high-profile cyber attacks affecting Australian organisations in recent years, underscoring ongoing challenges around data security and privacy protections across sectors.