CarGurus Data Breach (2026)
CarGurus
highXposedOrNot
Disclosed
February 1, 2026
54 days ago
Records
12.5M
Confirmed
Root Cause
Unknown
Industry
Retail
Description
CarGurus, an automotive marketplace, was targeted in February 2026 by the threat actor ShinyHunters, with data later published publicly exposing over 12M email addresses along with user account IDs, names, phone numbers, physical and IP addresses, and auto finance application outcomes.
Exposed Data Types
Exposed Data
Phone NumbersIP AddressesPhysical addressesNamesEmail addresses