Approximately 229,226 Australian driver’s licenses were reportedly compromised by hackers who breached security at DuXa popular software platform used by automakers and dealers to finance new vehicles.
Sydney-based YouX – formerly known as Drive IQ – says on its website that it works with “87 percent of Australia’s original equipment manufacturer (OEM) lenders” to provide its vehicle financing software, including application and approval processes.
Accordingly Broker DailyHackers said they accessed more than 8,000 password hashes on the platform earlier this month, exposing highly sensitive personal information of 444,538 people.
This reportedly includes 229,226 driver’s license numbers, as well as names, phone numbers, email addresses, home addresses, financial records and loan applications.
With Daily Sparkz you can save thousands on a new car. Click Here to get a great deal.
The 141GB of data stolen reportedly includes 629,597 loan applications, Australian Business Numbers (ABNs), staff directories and “full customer portfolios”.
“We are aware that a threat actor (attacker) has published data online containing information they purportedly extracted from YouX’s systems,” the company said in a statement last updated on February 23, 2026.
“We have reviewed this information and confirm that the threat actor accessed and downloaded personal information. We are responding to this development and will continue to keep all of our stakeholders informed.”
The data is reportedly being used to hold YouX to ransom and demand payment to prevent it from being put up for sale.
A report from Information age said the hackers claimed the ransom had been paid, but YouX has not confirmed whether this is true.
Tech site Cyberdaily.com.au has reported: “Much of the data has already been shared on a popular hacker forum, and the hacker is threatening to release more stolen data in the coming weeks.”
The Broker Daily Website quotes Liam Garman, co-host of the Financial specialist Podcast saying: “What we have online now, and potentially have to gain, is a treasure trove of data.”
“This can really paint a picture of where you are financially in your life, including through your personal information, allowing threat actors to create quite sophisticated phishing campaigns targeting vulnerable Aussies.”
YouX has provided a support page and email address for concerned customers who may have been affected by the cyberattack.
It also says it continues to keep the Office of the Australian Information Commissioner (OAIC) and the Australian Cyber Security Center (ACSC) updated on the situation, which dates back to February 9, 2026.
