TripleA Data Breach
AAA (Triple-A) Automobile Club Breach (Salesforce, 2025): 11.2 Million Member Contact Records Including Home Address Exposed
American Automobile Association (AAA) – roadside assistance and travel membership club.
Risk Interpretation
Exposure enables phishing, roadside-assistance impersonation, vehicle-linked fraud, and household targeting. Membership and vehicle data can also reveal mobility patterns and financial signals.
Impact & Downstream Threats
AAA was among the approximately 39 organizations listed on the Scattered LAPSUS$ Hunters dark web leak site in October 2025, with member contact data including email addresses, phone numbers, and home addresses published. AAA has not made detailed public statements about the specific scope of its exposure in this campaign. Given the membership-based nature of AAA's data, the exposed records represent people who had affirmatively enrolled in the organization and provided home contact details for
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat Vectors
Breach Intelligence
Executive Summary
AAA (the American Automobile Association) suffered a data breach affecting 11.2 million members after a threat actor group calling itself "Scattered LAPSUS$ Hunters" compromised the organization through a supply chain attack on the Salesforce platform. The attack was one of roughly 39 breaches attributed to the same group in October 2025. The attackers released a sample of the stolen database on October 3, 2025, and stated the full dataset would be published on October 10, 2025. The exposed records include full names, email addresses, phone numbers, and home mailing addresses. Membership details were also present, including membership level, status, type, join date, renewal date, and years of membership. Because AAA members typically enroll to receive roadside assistance and insurance-related services, this data carries a strong implication of vehicle ownership and home location, making affected individuals vulnerable to phishing, roadside-assistance impersonation scams, vehicle-linked fraud, and targeted household schemes. AAA had not made detailed public statements about the scope of its specific exposure as of the known reporting period. No regulatory actions or individual notifications had been publicly confirmed at the time of indexing. Affected members should treat unsolicited contact referencing their AAA membership, vehicle, or home address with extreme caution, particularly requests that invoke urgency around roadside or insurance services.
About TripleA
AAA — the American Automobile Association — is a nonprofit membership organization providing roadside assistance, travel planning, insurance products, and automotive services to more than 60 million members across the United States and Canada. Individual AAA clubs operate regionally under the national federation. The organization is one of the largest member service clubs in North America and a major provider of travel agency, automotive, and insurance brokerage services.
Why They Hold Your Data
Automobile club membership platforms collect member identity, contact details, vehicle data, billing records, roadside-assistance history, travel-related activity, and household-linked records across membership services.
Recent Developments
AAA has been expanding its digital service capabilities, including mobile roadside assistance dispatch and electric vehicle charging network partnerships as the organization adapts to the shift toward EVs. It has continued growing its insurance and travel service offerings to members. No major governance or structural changes have been prominently reported in the recent period.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, phone_number, physical_address:home
Dark Web Verification
- Dataset containing ~11.2M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: triplea-salesforce-2025
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of TripleA
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam