700Credit, a major provider of credit and compliance solutions for automotive dealerships, has confirmed a data breach affecting 5,836,521 individuals across the United States.
The incident resulted from unauthorized access to its web-based application and led to the exfiltration of sensitive personal information, including names, Social Security numbers, birthdates, and addresses.
The breach occurred between October 25 and October 27, 2025. Suspicious activity was first detected within the 700Dealer.com web application, prompting an immediate forensic investigation by external cybersecurity experts. On November 21, 2025, the company began notifying affected dealership clients and plans to mail consumer notifications starting December 22.
700Credit’s internal network was not impacted, and no operational disruptions were reported. The compromised data was confirmed to be limited to the application layer that services dealership partners.
Headquartered in Southfield, Michigan, 700Credit offers credit reports, compliance tools, and identity verification services to tens of thousands of dealerships nationwide. The firm plays a central role in the auto financing ecosystem, making it a valuable target for cyberattacks due to its access to consumer credit data.
To streamline compliance with federal breach reporting requirements, 700Credit filed a consolidated notice with the Federal Trade Commission (FTC) on behalf of all affected dealerships. This approach, approved by the FTC and coordinated with the National Automobile Dealers Association (NADA), spares individual dealers from having to file separately under the Safeguards Rule. However, 700Credit has advised dealers to seek legal counsel to address any remaining state-level notification obligations.
Impacted individuals are being offered one year of free credit monitoring and identity protection services through TransUnion’s Cyberscout platform. The company states that, to date, there is no indication that the stolen data has been misused, but urges vigilance. Alongside the monitoring service, affected consumers are receiving guidance on placing fraud alerts, freezing credit files, and reporting identity theft.
Leave a Reply