CarGurus Data Breach Claim Alleges 1.7M Records Compromised | DataBreach.io

A threat actor, ShinyHunters, claimed responsibility for a data breach at CarGurus, initially alleging over 1.7 million records were compromised, including personally identifiable and internal corporate data. Later, ShinyHunters released over 12 million user records, containing email addresses, names, and IP addresses, after the company did not meet their demands. CarGurus confirmed a cybersecurity incident, stating they are investigating and have secured the environment, though they characterized the breach as limited in scope.