American Lending Center recently disclosed a ransomware-related cybersecurity incident involving unauthorized access to sensitive personal information. According to the company, cybercriminals compromised internal systems in July 2025 and accessed files containing consumer information. The breach reportedly affected approximately 123,158 individuals, including 120 Maine residents. Although the company states there is currently no evidence of misuse of the exposed information, affected individuals are being offered complimentary identity protection services through IDX.
American Lending Center’s Data Breach Investigation
According to the company’s notification letter, American Lending Center experienced a ransomware-related cybersecurity incident in July 2025. During a forensic investigation into the breach, the company discovered that a threat actor compromised its internal network, executed a ransomware attack, and accessed certain files containing personal identifying and sensitive information.
The available regulatory filing states that unauthorized access occurred between July 24, 2025, and July 30, 2025. The company reportedly discovered the breach on July 27, 2025 and subsequently launched an investigation to determine the nature and scope of the incident.
American Lending Center later conducted a comprehensive data mining and review process to determine the full extent of the information involved and identify impacted individuals. That review concluded on April 8, 2026, at which point the company determined the breach impacted approximately 123,158 individuals.
According to the notice, the potentially exposed information included names, dates of birth, Social Security information, and other sensitive personal data. Exposure of this type of information can create heightened risks involving identity theft, financial fraud, tax fraud, and unauthorized account activity.
In response to the incident, American Lending Center stated that it implemented additional safeguards and enhanced security measures throughout its infrastructure to strengthen protections against future cyberattacks. The company also began offering identity theft protection and recovery services through IDX to affected individuals.
When Did This Breach Occur?
The unauthorized access reportedly occurred between July 24, 2025, and July 30, 2025.
American Lending Center discovered the incident on July 27, 2025, and completed its comprehensive data review on April 8, 2026.
What Information Was Breached?
According to American Lending Center, the potentially exposed information may have included:
- Names
- Dates of birth
- Social Security information
- Other sensitive personal information
The company stated that cybercriminals accessed files containing personally identifiable and sensitive information during the ransomware attack.
What You Can Do
If you received a notice from American Lending Center regarding this incident, there are several important steps you can take to help protect yourself:
- Enroll in the complimentary identity protection services offered through IDX.
- Monitor your financial accounts and credit reports regularly for suspicious activity.
- Consider placing a fraud alert or security freeze with Equifax, Experian, and TransUnion.
- Obtain free annual credit reports through AnnualCreditReport.com.
- Change passwords associated with financial or sensitive accounts and enable multi-factor authentication where available.
- Remain cautious of phishing emails, phone calls, or text messages requesting sensitive information.
- Promptly report suspicious activity to your financial institutions and law enforcement authorities.
The complimentary services reportedly include:
- Credit monitoring
- CyberScan monitoring
- A $1 million insurance reimbursement policy
- Fully managed identity theft recovery services
American Lending Center also encouraged affected individuals to remain vigilant by reviewing account statements and monitoring credit reports for signs of identity theft or fraud.
File a Data Breach Lawsuit Against American Lending Center
Individuals affected by the American Lending Center data breach may have legal rights and could qualify to pursue compensation related to the exposure of their sensitive personal information. Data breach lawsuits may seek compensation for damages such as identity theft risks, out-of-pocket expenses, fraud-related losses, time spent responding to security concerns, and loss of privacy.
Companies that collect and maintain Social Security numbers and other highly sensitive financial information are expected to implement reasonable cybersecurity safeguards to protect that data from unauthorized access. When those safeguards fail, affected individuals may face ongoing financial and privacy risks.
Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.
