Incident Overview

A threat actor operating under the handle "Solonik" claims to have released a full consumer insurance database from Acuity, an insurance provider based in Illinois, USA. According to the post, the dataset contains over 9 million individual records with detailed demographic and contact information collected from internal and public sources. The data type is described as "Insurance / PII / Consumer Leads" in CSV format.

Key fields listed include: full name (first/middle/last/suffix/prefix), complete address (street, city, ZIP, state, unit), date of birth (day, month, year), gender, marital status, number of children, generations, phone number and area code, and RDID (internal risk/deal/client ID). The dataset also includes inferred attributes such as home ownership, occupation group, ethnicity, language code, and dwelling type. The threat actor states the dump is ideal for "identity profiling and enrichment," "targeted campaigns (insurance, finance, home ownership)," and "fraud simulations and verification bypass testing."