Internal documents and insider communications obtained by CDG News reveal that 700Credit, one of the auto industry's largest credit reporting and identity verification providers, experienced a data breach on or around October 25, 2025.
Driving the news: Consumer names, addresses, and Social Security numbers from auto financing applications submitted between May and October 2025 were compromised, according to a letter sent to its dealer partners.
For context: 700Credit discovered the breach after being "alerted to suspicious activity within our proprietary web-based application 700Dealer.com."
The company then brought in third-party forensic specialists to investigate, and determined that customer data had been copied from the application without authorization.
700Credit elaborated that its internal network remains unaffected.
How we got here: Dark web monitoring service databreach.io first flagged the breach in mid-November after spotting threat actors trying to sell stolen data online.
The listing claimed the database contained over 8 million records and that negotiations between attackers and the company had broken down.
However managing director, Ken Hill, told CDG News that only 5.6 million records were implicated.
Zooming out: A class action lawsuit has already landed. Patricia Young v. 700 Credit, LLC was filed November 24 in U.S. District Court for the Eastern District of Michigan, alleging “negligent security practices” led to the breach.
Why it matters: This incident could be one the biggest breaches of the year as third-party vendors become prime “attack vectors” for criminals looking to access sensitive consumer data at scale.
And while the full scope of what was compromised still isn't clear, breaches involving credit infrastructure tend to have long tails.
The 2017 Equifax breach, which exposed Social Security numbers and personal information for over 140 million Americans, remains the starkest example of how damaging these incidents can be when they hit the credit-reporting pipeline.
OUTSMART THE CAR MARKET IN 5 MINUTES A WEEK
Get insights trusted by 55,000+ car dealers. Free, fast, and built for automotive leaders.
Worth noting: After alerting the Federal Trade Commission (FTC), 700Credit in partnership with the National Automobile Dealers Association (NADA), secured approval to notify consumers and State Attorneys General on-behalf of dealers, Hill explained.
“A lot of dealers are wondering what they have to do. Well, we’re going to it on your behalf,” Hill said.
What's next: 700Credit is offering affected consumers 12-24 months of free credit monitoring, and is working with legal counsel to make sure all notifications are filed properly.
Editor’s note: This article is for informational purposes only and should not be considered legal advice. CDG News does not provide legal counsel. Readers seeking guidance on data security obligations, consumer notification requirements, or litigation risks related to this incident should contact a qualified attorney or compliance expert familiar with automotive retail.
A quick word from our partner
Stop the Fixed Ops Revenue Leak.
Missed calls and manual follow-up kill retention. Impel’s Service AI with Voice AI fixes this by automating personalized outreach based on driving behavior, capturing every missed call, and booking appointments instantly via text and email.
Keep advisors focused on the lane while customers get faster answers and your bays stay full. One platform. Zero missed opportunities.
