A massive data breach at the credit check company 700Credit could affect at least 5.6 million people. Personal information, including Social Security numbers, addresses, names and dates of birth, were exposed in the leak.
700Credit is a Michigan-based company that runs credit checks and identity verification services for auto dealerships throughout the United States. The company released a statement on its website blaming a bad actor with unauthorized access to its databases.
It is important that anyone affected by this data breach takes steps as soon as possible to protect their information.
Michigan Attorney General Dana Nessel
“If you get a letter from 700Credit, don’t ignore it,” Nessel said. “It is important that anyone affected by this data breach takes steps as soon as possible to protect their information.”
According to CBTNews, an auto-dealership business-to-business publication, the hack was caused when an “integrated partner” was compromised but failed to notify 700Credit. The malicious actor was then able to infiltrate the company’s systems using a vulnerability in 700Credit’s validation process.
700Credit told CBTNews that it has strengthened its API inspections, moving to a more secure system and increased its cybersecurity insurance.
How to stay safe after a data breach
700Credit is spending a lot of time urging dealerships to adopt best practices and prioritize education when it comes to cybersecurity. That’s not only good advice for companies, but for customers as well.
As always, when it comes to data breaches or data leaks, you’ll want to take a serious look at your security apparatus. Make sure your passwords are all updated, especially for any accounts involved in the breach.
In this 700Credit case, the company performs credit checks for auto dealerships across the country. You’ll want to change passwords to sensitive accounts like your email and financial accounts. Using one of the best password managers can help you generate and store new, secure passwords.
700Credit is offering credit monitoring services, but it’s not a bad idea to utilize one of the best identity theft protection services. These services work best if they can watch out for your personal information before an attack occurs. The statement does assert that there “is no indication of any identity theft, fraud, or other misuse of information in relation to this event.”
You’ll want to keep an eye out for phishing attempts and social engineering attacks. Be on alert for strange texts, emails or phone calls where people attempt to get you to share personal information or pressure you into clicking a link, downloading an attachment, app or going to a website.
Letters are going out this week, but if you visited a dealership in the last year and believe 700Credit ran your check, you can reach out to the company’s dedicated line (866) 273-0345 if you have questions.
Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds.
More from Tom’s Guide
- 'If we can't uphold our privacy policy while based in Canada, we will not be based in Canada' – here are the key takeaways from Windscribe's Reddit AMA
- How to avoid the nightmare Android malware that can hold your device for ransom or erase it
- LinkedIn data, phone numbers, emails and more exposed in massive unsecured 16 terabyte database
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
