American Lending Center, a California-based non-bank lender, has revealed a data breach that has affected more than 123,000 individuals. The breach, which was discovered in July 2025, involved a ransomware attack that may have stolen sensitive information such as names, dates of birth, and Social Security numbers.
Data Breach Details
The organization, which manages a $3 billion portfolio specializing in government-guaranteed small business loans, is notifying individuals affected by the breach. According to American Lending Center, the threat actor compromised the internal network, executed a ransomware attack, and accessed certain files that may have contained personal identifying or sensitive information.
A forensic investigation into the breach was completed on April 8, and American Lending Center has found no evidence that the potentially compromised information has been misused. However, it is worth noting that companies often include statements in their data breach notifications that there is no evidence of misuse, even when information has been made public by cybercriminals.
Ransomware Attack and Potential Consequences
No known ransomware group appears to have taken credit for the attack, which could indicate either that a ransom has been paid or that the financial institution has been targeted by a cybercrime gang that does not have a public leak website. SecurityWeek has reached out to American Lending Center for clarification and will update this article if it responds.
The data breach at American Lending Center is just one of several recent breaches that have affected financial institutions and other organizations. In related news, Foxconn has confirmed that its North American factories were hit by a cyberattack, while OpenLoop Health and BWH Hotels have also reported data breaches.
Impact and Response
The breach at American Lending Center highlights the need for organizations to have robust cybersecurity measures in place to prevent and respond to data breaches. It also underscores the importance of transparency and communication with affected individuals and regulatory authorities.
In the wake of the breach, American Lending Center has taken steps to notify affected individuals and provide them with information about the breach and the potential risks. The organization has also committed to cooperating with regulatory authorities and law enforcement agencies to investigate the breach and prevent similar incidents in the future.
Conclusion
The data breach at American Lending Center is a reminder of the ongoing threat posed by cybercrime and the need for organizations to prioritize cybersecurity and data protection. As the threat landscape continues to evolve, it is essential for organizations to stay vigilant and take proactive steps to prevent and respond to data breaches.
- Related: Foxconn Confirms North American Factories Hit by Cyberattack
- Related: 716,000 Impacted by OpenLoop Health Data Breach
- Related: BWH Hotels Says Hackers Had Access to Reservation Data for 6 Months
The incident is a stark reminder of the importance of robust cybersecurity measures and the need for organizations to prioritize data protection. As the threat landscape continues to evolve, it is essential for organizations to stay informed and take proactive steps to prevent and respond to data breaches.
For more information on data breaches and cybersecurity, please visit SecurityWeek.
- Data Breach: A data breach occurs when sensitive information is accessed or stolen without authorization.
- Ransomware Attack: A ransomware attack involves the use of malware to encrypt sensitive information and demand a ransom in exchange for the decryption key.
- Cybersecurity: Cybersecurity refers to the practices and technologies used to protect sensitive information and systems from unauthorized access or damage.
The data breach at American Lending Center highlights the need for organizations to prioritize cybersecurity and data protection.
The breach is a reminder of the ongoing threat posed by cybercrime and the need for organizations to stay vigilant and take proactive steps to prevent and respond to data breaches.
SecurityWeek will continue to monitor the situation and provide updates as more information becomes available.Source: SecurityWeek