Skip to content
Support
Sign In Subscribe
Leaks

Over 63,000 Records Allegedly Leaked From French Vehicle Inspection Firm Autosur

 and  Dark Web Informer
9 min read
Breach Report France flagFrance Automotive

Over 63,000 Records Allegedly Leaked From French Vehicle Inspection Firm Autosur

Threat actors using the aliases ChimeraZ and misere have posted what they describe as a partial database of Autosur (autosur.fr), a French professional vehicle inspection and technical-control (contrôle technique) service used by car owners and dealerships. The leak is a ~211 MB JSON dataset of about 63,349 inspection records covering roughly 20,193 people, shared as sample files of around 25,000 and 38,000 records. Claimed fields include vehicle-owner names, postal addresses, cities, mobile and landline numbers, emails, dates of birth and city of birth, alongside vehicle data such as license plates, VIN/serial numbers, make, model, and mileage. The dataset's scope is unverified.

Data63.3K records
PriceFree leak
CountryFrance flagFrance
ActorChimeraZ

Post details

TargetAutosur (autosur.fr), vehicle inspection
CountryFrance flagFrance
SectorAutomotive / Vehicle Inspection
ClaimPartial database leaked (JSON)
Data~63.3K records / ~20.2K people
ObservedJun 16, 2026
PriceFree leak (reply-gated)
ActorChimeraZ (with misere)

!Allegedly included

  • ~63,349 inspection records (claimed)
  • ~20,193 individuals
  • 211 MB JSON dataset
  • Names, emails & phone numbers
  • Postal addresses & cities
  • Dates of birth & city of birth
  • License plates & VIN/serial
  • Vehicle make, model & mileage

Screenshot

Autosur France alleged leak Screenshot 1 Screenshot 1 Redacted preview

Potential impact

If authentic, this dataset is more sensitive than a typical directory leak because it pairs identity PII (names, home addresses, dates of birth, city of birth, phone numbers, and emails) with vehicle identifiers such as license plates, VIN/serial numbers, make, model, and mileage. That combination can fuel targeted phishing, fake inspection or recall notices, vehicle-related fraud, identity theft, and even physical-world targeting where a home address is tied to a specific car. A reset_password field appears in the schema, but values are null in the samples, and no cleartext credentials or payment/financial data are referenced. The scope and authenticity are unconfirmed.

iStatus

Unverified

Sample JSON records and download links were posted to an underground forum behind a reply-gate (“hidden content”); the sample records and download links are not reproduced here. The actors describe the data as a partial leak of the company's database. The claim has not been independently confirmed and Autosur has not publicly addressed it.

Want the non-redacted screenshots? Paid subscribers get all of the claim details and unredacted screenshots. Check out the threat feed or ransomware feed (whichever applies to this post), then after subscribing, search there for this alert to view the unredacted version. View pricing →

DARK WEB INFORMER - THREAT INTELLIGENCE

Related

Latest