TL;DR: 700Credit, the company that runs credit checks when you buy a car, got hacked. From May to October 2025, attackers accessed customer data through a compromised third-party API. The damage: 5.8 million people's Social Security numbers, addresses, dates of birth, and employment information stolen. Nearly 18,000 dealerships across North America were affected. A threat actor calling themselves "ROOTBOY" is now selling 8.4 million records on the dark web. If you applied for car financing in 2025, freeze your credit immediately.
What Happened
700Credit is the middleman you never knew existed. When you sit in that dealership finance office and they "run your credit," the request often goes through 700Credit. They pull your credit report, verify your identity, and hand over your most sensitive financial data to the dealer.[1]
In July 2025, hackers compromised a third-party partner's system. That gave them access to 700Credit's API, the pipeline that shuttles your personal information back and forth. For five months, attackers quietly harvested customer data.[2]
700Credit finally noticed on October 25, 2025. By then, criminals had five months of unfettered access.
Managing Director Ken Hill later confirmed that roughly 20% of accessible consumer data was stolen during this window. That's still 5.8 million people.[3]
What They Got
The data varies by individual, but the haul includes:[1][2][3]
- Social Security numbers: The master key to your identity
- Full names and addresses: Current and possibly previous
- Dates of birth: Combined with SSN, that's identity theft fuel
- Employment information: Where you work, income details
- Credit report data: Your financial history
On November 16, 2025, a threat actor named ROOTBOY started advertising the stolen data on the dark web. They claim to have 8.4 million records, more than 700Credit's official count. Either ROOTBOY is exaggerating, or 700Credit is lowballing.[4]
18,000 Dealerships. One Point of Failure.
700Credit doesn't just serve a few dealers. They're embedded across the industry. Nearly 18,000 dealerships in North America use their services.[5]
That means whether you bought a Honda in Florida or a Ford in Montana, your credit check might have flowed through the same compromised system.
The automotive finance ecosystem is a web of third parties. The dealer doesn't run your credit. They send it to a service like 700Credit, who sends it to the credit bureaus, who send back reports. Every handoff is a potential breach point. This time, it was the API connecting 700Credit to their partners.
You trusted the dealer. The dealer trusted 700Credit. 700Credit trusted their API partner. And now 5.8 million people are exposed.
The Industry Response
700Credit coordinated with the National Automobile Dealers Association and the FTC to file a consolidated breach notification. That's bureaucrat-speak for "we made it easier to report this mess."[3]
Affected individuals are being offered 24 months of credit monitoring through Cyberscout, a TransUnion company. You have 90 days from receiving your notification letter to enroll.[1]
Michigan's Attorney General issued consumer guidance on December 22, 2025, confirming the breach and providing identity theft prevention steps.[6]
Multiple lawsuits are already filed. Bloomberg Law reports class actions alleging negligence. The legal argument: 700Credit held extraordinarily sensitive data and failed to protect it for five months.[4]
The Invisible Data Supply Chain
Here's what makes this breach particularly frustrating: you had no relationship with 700Credit. You never signed up for their service. You never agreed to their terms. You walked into a car dealership, and your data got routed through a company you've never heard of.
This is the modern data supply chain. Your information passes through dozens of intermediaries: credit bureaus, identity verification services, marketing platforms, data brokers. Each one is a potential breach point. Each one holds data you didn't consciously give them.
700Credit isn't unique. Every time you apply for credit, rent an apartment, or start a new job, your SSN gets handed to third parties you'll never know about. This breach just exposed one node in that invisible network.
What You Can Do
Freeze Your Credit Now
Don't wait for the notification letter. If you applied for auto financing in 2025, freeze your credit at all three bureaus: Equifax, Experian, and TransUnion. It's free and takes minutes.
Set Up Fraud Alerts
Place a fraud alert on your credit file. This requires creditors to verify your identity before opening new accounts. One bureau will notify the others.
Enroll in the Free Monitoring
If you receive a notification letter, enroll in the Cyberscout monitoring within 90 days. It won't prevent identity theft, but it alerts you faster when it happens.
Check Your Credit Reports
Go to AnnualCreditReport.com and pull reports from all three bureaus. Look for accounts you didn't open or inquiries you didn't authorize.
Watch for Tax Fraud
With SSNs and employment data stolen, tax fraud is likely. Consider filing an IRS Identity Protection PIN and file your taxes early before criminals can.
Document Everything
If you receive a notification letter, keep it. If class action lawsuits proceed to settlement, you'll need proof you were affected.
The Long-Term Problem
Your Social Security number doesn't change. Unlike a credit card, you can't get a new one issued after a breach. The SSN stolen in this breach will follow you for life.
Two years of credit monitoring is a band-aid. After those 24 months, you're on your own, but criminals will still have your data. SSNs from breaches years ago are still being used for fraud today.
The real solution is systemic: we need to stop treating SSNs as both identifiers and authenticators. But that's not happening anytime soon. In the meantime, credit freezes are your best defense.
References
- SecurityWeek - 700Credit Data Breach Impacts 5.8 Million Individuals (January 2026)
- BrightDefense - 700Credit Breach: How Did Millions of SSNs Leak? (January 2026)
- Automotive News - Dealership vendor 700Credit data breach affects 18,000 stores (December 2025)
- CBT News - 700Credit reports cyberattacks affecting 18,000 dealerships (January 2026)
- Fox News - 700Credit data breach exposes 5.8 million people's Social Security numbers (January 2026)
- Minnesota Automotive Dealers Association - 700Credit Data Breach Advisory (January 2026)