5.6 Million SSNs Stolen Through an API

700Credit, a credit and compliance solutions provider used by thousands of auto dealerships, just exposed 5.6 million consumers. Names, addresses, dates of birth, and Social Security numbers — all PII copied in bulk through an API exploit.

How It Happened

Attackers compromised a third-party integration partner in July 2025. From there, they discovered an API that could retrieve consumer data. Then they ran “a sustained, high volume request pattern” — bulk-copying records for months before anyone noticed.

May 2025: Data copying began
October 25, 2025: 700Credit finally detected suspicious activity
Late October: Extraction continued for two more weeks
December 2025: Consumer notifications started

Five months of unrestricted access. Millions of records. One API.

The Takeaway

You can’t protect what you don’t know exists. If sensitive data is sitting behind an API — yours or a vendor’s — you need to know exactly what’s exposed before someone else finds it.

Find out where your sensitive data lives with Risk Finder | Try Free Scanner

Read more at Bright Defense

5.6 Million SSNs Stolen Through an API

How It Happened

The Takeaway

Related Posts

University of Phoenix: 3.5 Million Records via Oracle Zero-Day

MOVEit Fallout: Nuance Communications to Pay $8.5 Million in Data Breach Settlement

1.4 Million Insurance Customers. One Social Engineering Call.

6 Million Qantas Customers. One Third-Party Call Center.