700Credit, a credit check and compliance provider, suffered a significant data breach in late October, affecting nearly 18,000 dealerships and more than 5.6 million customers. On today’s episode of Inside Automotive, 700Credit Managing Director Ken Hill discusses what happened and how the company is responding.
700Credit communicates with over 200 integration partners through APIs. One of those partners was compromised in July, but the company did not notify 700Credit. Hackers took over that partner’s system and gained access to communications logs, which exposed an API used to pull consumer information. The breach revealed a vulnerability in 700Credit’s validation process.
Sign up for CBT News’ daily newsletter and get the latest industry stories delivered straight to your inbox.
On Oct. 25, hackers launched a sustained velocity attack that continued for more than two weeks. Although 700Credit shut down the exposed API, attackers still managed to obtain about 20% of consumer data from May to October 2025. The attack did not penetrate 700Credit’s internal systems, which remained operational throughout the incident.
"I wanted to be able to tell our customers that we've done everything we could."
Hill urges dealership groups of all sizes, particularly those with limited cybersecurity budgets, to prioritize education and adopt best practices to reduce the risk of becoming targets.
700Credit, in partnership with the National Automobile Dealers Association (NADA), coordinate
Source: https://www.cbtnews.com/700credits-ken-hill-on-recent-data-breach-and-what-dealers-need-to-know/
700Credit cybersecurity rating report: https://www.rankiteo.com/company/700-credit
"id": "7001764887158",
"linkid": "700-credit",
"type": "Breach",
"date": "10/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Nearly 18,000 '
'dealerships and '
'over 5.6 million '
'customers',
'industry': 'Financial Services, '
'Automotive',
'location': None,
'name': '700Credit',
'size': None,
'type': 'Credit check and compliance '
'provider'}],
'attack_vector': 'Third-party compromise, API exploitation',
'data_breach': {'data_encryption': None,
'data_exfiltration': 'Yes',
'file_types_exposed': None,
'number_of_records_exposed': 'Approximately 1.12 '
'million (20% of '
'5.6 million)',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (personally '
'identifiable '
'information)',
'type_of_data_compromised': 'Consumer '
'information'},
'date_detected': '2025-10-25',
'description': '700Credit, a credit check and compliance '
'provider, suffered a significant data breach in '
'late October, affecting nearly 18,000 '
'dealerships and more than 5.6 million customers. '
'Hackers exploited a vulnerability in 700Credit’s '
'validation process via a compromised third-party '
'partner, gaining access to an API used to pull '
'consumer information. A sustained velocity '
'attack lasted over two weeks, resulting in the '
'exposure of about 20% of consumer data from May '
'to October 2025.',
'impact': {'brand_reputation_impact': 'Likely significant',
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Consumer information',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High',
'legal_liabilities': None,
'operational_impact': 'Limited; internal systems '
'remained operational',
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': 'API communications logs, '
'third-party partner systems'},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': 'Compromised '
'third-party partner',
'high_value_targets': 'API '
'communications '
'logs',
'reconnaissance_period': None},
'lessons_learned': 'Third-party risk management and API '
'validation processes require strengthening. '
'Dealerships should prioritize cybersecurity '
'education and best practices.',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': 'Insufficient '
'validation of '
'third-party API '
'access, delayed '
'notification from '
'compromised partner'},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'recommendations': 'Enhance third-party validation processes, '
'improve API security, and invest in '
'cybersecurity education for dealerships.',
'references': [{'date_accessed': None,
'source': 'CBT News',
'url': None},
{'date_accessed': None,
'source': 'Inside Automotive Podcast',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Public discussion via '
'Inside Automotive '
'podcast, coordination '
'with NADA',
'containment_measures': 'Shut down the exposed API',
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'stakeholder_advisories': 'Coordination with National Automobile '
'Dealers Association (NADA)',
'title': '700Credit Data Breach Affecting Dealerships and '
'Customers',
'type': 'Data Breach',
'vulnerability_exploited': 'Insufficient validation process for '
'third-party API access'}