What happened
In late 2024 the mortgage aggregator Finsure disclosed a cyber incident affecting customers and brokers. The exposure occurred on a third-party platform — the ActivePipe email-marketing service — rather than on Finsure’s own systems [fin-adviser]. Finsure said the compromised data was limited to names, email addresses, phone numbers and physical addresses, and that no credit-card details, identity documents, passwords or financial information were involved [fin-adviser].
Timeline
- 2024-10 — Incident occurred on the third-party ActivePipe platform [fin-hibp].
- 2024-11 — Finsure publicly confirmed the incident and notified affected people [fin-adviser].
Current status
Disclosed. The number of people affected is contested and no official figure has been confirmed. Have I Been Pwned indexed roughly 296,000 email addresses attributed to the incident, while the platform provider disputed that scale [fin-hibp], [fin-adviser]. Because there is no regulator-verified count, no figure is asserted here.
Why it matters
Even a “contact details only” breach at a mortgage aggregator is useful to fraudsters for targeted phishing, and it shows how a supplier’s marketing platform can become the weak link that exposes a financial firm’s customers.