Aura disclosed a data breach in March 2026 affecting over 900,000 customer records, primarily from a marketing tool associated with a previously acquired company.
What happened
According to Aura's official disclosure, the online safety service experienced a data breach in March 2026 that was discovered and publicly announced on March 18, 2026. The exposed data was primarily associated with a marketing tool from a previously acquired company.
What was exposed
The breach exposed names, email addresses, phone numbers, physical addresses, IP addresses, and customer service comments. According to Aura's statement, no Social Security numbers, passwords, or financial information were compromised in the incident.
Who is affected
The breach affected approximately 903,080 unique email addresses. However, Aura reported that fewer than 20,000 of its active customers were impacted, with the majority of exposed records associated with the legacy marketing tool from the acquired company.
What to do now
Affected individuals should monitor their accounts for suspicious activity and consider updating security settings. Those who received notification from Aura should follow the company's recommended remediation steps provided in their disclosure communication.