Brinztech Alert: The Alleged Database of eRenterPlan is on Sale

Dark Web News Analysis

The dark web news reports a massive and critical data breach involving eRenterPlan, a major US-based renters insurance provider. A threat actor is selling a database purportedly containing 1,804,506 records, totaling approximately 890 GB of data.

The asking price is $5,000 USD, with sales limited to just five buyers to maintain exclusivity. The seller claims the data was exfiltrated directly from internal systems in October 2025. The compromised dataset is exceptionally deep, containing not just database rows but Internal Documents, Policy Records, and extensive Personally Identifiable Information (PII) such as Full Names, Physical Addresses, Phone Numbers, Email Addresses, and specific Insurance Coverage Details.

Key Cybersecurity Insights

Breaches of insurance providers, especially those integrated into property management ecosystems, create cascading risks:

• The RealPage Supply Chain Link: eRenterPlan is deeply integrated with LeasingDesk, Multifamily Internet Ventures, and the giant RealPage, Inc. ecosystem. A breach here is not isolated; it potentially exposes the tenant data of thousands of apartment complexes that use RealPage for property management. Attackers can use this data to map out high-net-worth rental properties across the US.
• Burglary & Property Fraud: The leak includes Insurance Details and Physical Addresses. Criminals can identify which properties have high-value content coverage (indicating expensive electronics or jewelry inside) and use this as a “shopping list” for targeted burglaries.
• Identity Theft & Policy Fraud: With 890 GB of data, including internal documents, attackers have everything they need to commit Synthetic Identity Fraud. They can file fraudulent claims on existing policies or open new policies in victims’ names to launder money.
• Future Date Anomaly: The claimed breach date of October 2025 is notable. Since the current date is January 2026, this implies the data is fresh (only 3 months old), or it indicates a persistent backdoor that allowed the attacker to harvest data over a specific window in late 2025.

Mitigation Strategies

To protect tenants and property management firms, the following strategies are recommended:

• Vendor Risk Review: Property management companies using RealPage or LeasingDesk must immediately query their account managers to see if their specific tenant data was part of the eRenterPlan exfiltration.
• Tenant Notification: Tenants who purchased insurance via eRenterPlan should be advised to monitor their credit reports and be vigilant against “Insurance Adjuster” scams—calls claiming to be from eRenterPlan needing to “verify” policy details.
• Home Security: Users should be careful about discussing their physical location or travel plans on social media, as their home address is now linked to their insurance profile in the dark web.
• Credential Hygiene: If eRenterPlan portals share login credentials with rent payment portals, users must change their passwords immediately to prevent attackers from accessing payment data.

Secure Your Business with Brinztech — Global Cybersecurity Solutions

Brinztech protects organizations worldwide from evolving cyber threats. Whether you’re a startup or a global enterprise, our expert solutions keep your digital assets safe and your operations running smoothly.

Questions or Feedback?

For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com