American Lending Center Data Breach: 123,158 Individuals Impacted

American Lending Center, a private, non-bank lender based in Irvine, California, disclosed a data breach that affected approximately 123,158 individuals in the United States, including 120 Maine residents.

In July 2025, American Lending Center was hit by a ransomware attack on its computer systems.

After discovering the breach, the company launched a forensic investigation to determine the full scope and nature of the incident. The investigation aimed to identify exactly what information was accessed and which individuals were affected.

A comprehensive data mining initiative was completed on April 8, 2026, approximately nine months after the breach was first discovered.

The types of personal information exposed included names, dates of birth and Social Security information, among other data points.

American Lending Center began notifying affected consumers by written notice on April 28, 2026.

American Lending Center's response to the breach

American Lending Center is offering affected individuals free identity theft protection services through IDX, a data breach and recovery services provider. Services include credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy and fully managed identity theft recovery services.

Affected individuals can enroll in these free services by calling 1-800-939-4170 or visiting the IDX enrollment page. IDX representatives are available Monday through Friday from 9 a.m. to 9 p.m. Eastern Time.

To enroll, consumers will need the unique enrollment code included in their written notification letter.

Steps to take if your information was exposed

• Place a fraud alert or credit freeze with Equifax (1-866-349-5191), Experian (1-888-397-3742) and TransUnion (1-800-680-7289) to help prevent new accounts from being opened using stolen information.
• Request free credit reports at AnnualCreditReport.com and review them carefully for any accounts, inquiries or other activity that looks unfamiliar.
• Monitor bank accounts and financial statements closely for any unauthorized transactions or suspicious activity, particularly since Social Security information was involved in this breach.
• Be cautious of phishing attempts that reference American Lending Center or this data breach by name, as scammers often use real breach notifications to trick people into sharing more personal details.
• Consider filing an identity theft report with the Federal Trade Commission at IdentityTheft.gov if any signs of fraud or unauthorized use of personal information appear.