(Re)in Summary
• ANZ insurer Prosura says it detected unauthorised access to its systems on 3 January and suspended online services while it investigates.
• The insurer is working with cybersecurity experts to investigate, secure systems, and restore services.
• Exposed data may include customer contact details, travel information, and some claims data, but not payment information.
Australian-New Zealand insurer Prosura has confirmed it has been hit by a “concerning” cybersecurity incident after detecting unauthorised access to parts of its systems. It has
The company, which also operates under the name Hiccup and sells insurance to cover rental car accidents in Australia and New Zealand, said in a statement on its website that it detected the incident on Saturday, 3 January.
The company added that it has temporarily shut down key online services while it investigates and contains the breach, including the ability to purchase policies, submit or manage claims, or administer existing policies through its self-service portal.
“We’re taking this incident extremely seriously,” Prosura managing director Mike Boyd said, while expressing apology for the incident. “We will work with cybersecurity experts to investigate what happened, secure our systems, and restore services safely.”
Prosura’s initial findings indicate that customer names, email addresses, phone numbers, country of residence, travel destinations, invoicing and pricing details, policy start and end dates, and certain claims information, such as drivers’ licences and related images, may have been accessed.
The insurer, however, said there is no indication that payment information has been compromised, noting that it does not store credit card details and that financial data remains unaffected by the breach.
Prosura also warned that some customers have received fraudulent emails related to older, completed policies that may reference the incident and direct recipients to contact third-party email addresses. The company advised customers not to respond to such messages or engage with any external contacts mentioned.
“Our focus is on protecting our customers, supporting those affected, and restoring services safely. If we confirm new important information as our investigation continues, we will share it with customers via this Incident page,” Boyd said.





