Key Takeaways
- 700Credit, a U.S. fintech and data services company, suffered a data breach impacting at least 5.6 million people
- Exposed data includes names, addresses, dates of birth, and Social Security numbers
- The company has notified the impacted dealers and is informing affected consumers, and is offering credit monitoring to consumers
- The breach is limited to the application layer and did not affect the company’s internal network or operations
- Consumers are advised to stay alert to phishing emails and other scams, update and strengthen their passwords, and remove unnecessary data or files
Introduction to the Data Breach
A recent data breach at 700Credit, a U.S. fintech and data services company, has exposed the sensitive information of at least 5.6 million people. The company provides credit reports, "soft pull" prequalification, identity verification, fraud detection, and compliance tools to auto, RV, powersports, and marine dealerships across the country. The breach, which occurred in October, has resulted in the exposure of names, addresses, dates of birth, and Social Security numbers of individuals who had their data collected from dealers between May and October 2025.
The Nature of the Breach
According to the company, the breach was limited to the application layer and did not affect its internal network or operations. The threat actors responsible for the breach stole personal data collected from dealers, but there is currently no indication of any identity theft, fraud, or other misuse of the information. 700Credit has engaged cybersecurity experts to investigate the incident and has notified the impacted dealers and affected consumers. The company has also reported the incident to the FBI and FTC, and has coordinated regulatory notifications on behalf of the dealers.
Response to the Breach
700Credit has pledged to take extraordinary steps to assist consumers and notify required parties on behalf of dealers. The company is offering credit monitoring to consumers and is notifying state attorneys general. In addition, the company is working directly with the National Automobile Dealers Association (NADA) to respond to the breach. Michigan Attorney General Dana Nessel has reissued a consumer alert, warning individuals who may have been affected by the breach to take steps to protect their information. This includes considering a credit freeze or monitoring services, and being vigilant for phishing emails and other scams.
Recommendations for Consumers
In light of the breach, 700Credit recommends that consumers stay alert to phishing emails and other scams. This includes being cautious of unsolicited emails or messages that ask for personal or financial information. Consumers are also advised to update and strengthen their passwords, and remove unnecessary data or files. Enabling multifactor authentication on devices and online accounts can add an additional layer of protection. Regularly reviewing credit reports is also important, and consumers can take advantage of the free weekly reports available from Equifax, Experian, and TransUnion through the Annual Credit Report website.
Conclusion and Next Steps
The data breach at 700Credit is a reminder of the importance of protecting sensitive information. The company’s response to the breach, including notifying affected consumers and offering credit monitoring, is a step in the right direction. However, it is ultimately up to consumers to take steps to protect their information and prevent identity theft and fraud. By being vigilant and taking proactive measures, consumers can reduce their risk of being affected by a data breach. As the investigation into the breach continues, 700Credit and regulatory agencies will be working to determine the cause of the breach and prevent similar incidents in the future.
