Aussie Fintech Platform Youx Confirms Data Breach As Hacker Shares Massive Dataset Online

Aussie Fintech Platform Youx Confirms Data Breach 🚨

A member of a notorious hacking platform has claimed responsibility for a hack impacting hundreds of thousands of Australians. Australian fintech platform youX confirmed this week that it had identified unauthorized access to its systems by a third party and is currently undertaking an investigation.

“We are now aware that a threat actor has released data that it claims to have obtained as part of its unauthorized access. As a result, we have identified that personal information may have been compromised,” youX stated in a 17 February update to its disclosure statement.

In accordance with legal obligations, youX has kept the Office of the Australian Information Commissioner (OAIC) informed throughout this matter. Now that the incident has evolved, they will continue lodging the appropriate regulatory notifications to affected individuals whose information may have been compromised.

While youX continues to investigate the incident and engage with stakeholders, the hacker has made some alarming claims about the data compromised by the breach. According to the hacker, they were able to exfiltrate the personal and financial data of 444,538 unique borrowers. This includes income, debts, government IDs, and home addresses, all due to the trust placed in finance brokers who made the critical error of trusting youX.

The hacker claims to have accessed an unsecured MongoDB Atlas cluster with data relating to more than 90 downstream lenders. The full dataset allegedly contains:

• Financial details for 444,538 unique borrowers
• Details of 629,597 loan applications
• Copies of 229,236 Australian driver’s licenses
• A total of 607,822 residential addresses
• Data belonging to 797 broker organizations, including ABNs, banking details, staff directories, and full customer portfolios.

Currently, the hacker has only shared a preview of the full dataset, which allegedly contains $3.7 billion in loan applications across 149,349 records, submitted to 93 lenders, along with 5,010 driver’s licenses, 5,955 residential histories, and 5,955 employment records. More than 8,000 password hashes belonging to various broker employees have also been compromised as part of this incident.

The hacker referenced a report by white hat researcher Jeremiah Fowler, who first identified the insecure MongoDB instance in March 2025. The hacker claims that the instance was still easily accessible 10 months later.

“We gave youX a chance,” the hacker said, continuing to extort the company ahead of releasing further tranches of data in stages over the coming weeks.

Viking Asset Aggregation, involved in the breach, acknowledged the incident to Cyber Daily’s sister brand, Broker Daily. Simon Gwynne, Viking Asset’s general manager, stated, “Viking Asset Aggregation is aware that one of our finance technology partners, youX, has recently experienced an IT security incident that involved unauthorized access to their systems by a third party.”

For more details, Read full article.