🔒breach.co.nz · the NZ & Australia breach register 🛡️ A Govern service
Register › 🇦🇺 AU › Finance
Finance sector · leaderboard
Own the Finance leaderboard
The top banner across the Finance overview and every Finance record — one advertiser, exclusively.
Own this leaderboard → breach@govern.co.nz

youX

🇦🇺 Australia · YouX Pty Ltd · Record AU-2026-0102
○ Reported — awaiting official confirmation
Reported — awaiting official confirmation. The facts below are drawn from the organisation's own disclosure and credible reporting. Figures are as reported; unknowns are labelled, not estimated by us.
People affected
444,538 (approx)
Breach date
2026-02
Regulator
OAIC notified
Trust tier
B · Reported

Data exposed

Home addresses, income and debt details, government IDs (including about 5,010 driver-licence numbers in a preview), broker-customer SMS, vehicle identifiers, employee password hashes and financial-hardship notes Company-confirmed

Confidence: Confirmed = regulator/court · Company-confirmed = the organisation's own disclosure · Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

In February 2026 the loan-brokerage platform youX confirmed that personal information had been accessed and downloaded after data was uploaded to a hacking forum [youx-acs], [youx-ib]. The exposed data covered roughly 444,000 borrowers and more than 600,000 loan applications — home addresses, income and debt details, government IDs and financial-hardship notes [youx-acs]. youX notified the OAIC.

Current status

Disclosed. An attacker claim that the data reached major lenders is unverified and is not asserted here; the ~444,000 figure derives from analysis of the leaked data [youx-acs].

Why it matters

Loan applications concentrate the most sensitive financial and identity data a person holds, making a breach of them particularly damaging.

GGOVERN Tabletop Exercises · Govern house Rehearse the breach before it reaches the balance sheet. Book a Discovery Call →