A threat actor has allegedly put a database containing the records of 1.5 million customers of Pelayo Seguros, a prominent Spanish insurance company, up for sale on a dark web forum. The seller claims the data is “fresh content” and is asking for $1,500 in cryptocurrency (Bitcoin or Monero) for the entire dataset. The post was accompanied by a sample of the data structure to prove the legitimacy of the information.
Pelayo Seguros is a major player in the Spanish insurance market, with a history dating back to 1933. The company provides a wide range of insurance products, including automotive, home, life, and health policies, to over 845,000 members and holds more than 1.2 million policies. The alleged breach is significant, as the exposure of sensitive customer data could lead to a variety of malicious activities, including phishing campaigns, identity theft, and targeted fraud.
The compromised information allegedly includes a vast amount of personally identifiable information (PII) and other sensitive details. Based on the information shared by the seller, the leaked data fields include:
- Full Name (First and Last)
- National ID (ID_CLI)
- IBAN (Bank Account Number)
- Full Address (Street, Postal Code, City, Region)
- Email Address and status
- Phone Number (via contact fields)
- Date of Birth
- Gender
- Policy and Client Details
- Internal user and creation/modification dates
