Benworth Capital Data Breach Exposes PII of Many

Published

August 19, 2025

Updated

September 18, 2025

Benworth Capital Data Breach Exposes PII of Many

Benworth Capital Partners

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

On July 23, 2025, Benworth Capital Partners disclosed a data breach to the Washington Attorney General's office. The total number of individuals affected by the cybersecurity incident has not been released, but is over 25,000 and includes at least 1,851 Washington residents.

The data breach was also disclosed to the Texas Attorney General's office on July 24, 2025. According to the company’s report, the breach exposed sensitive personal information belonging to individuals associated with Benworth’s lending operations.

The cybersecurity incident took place on May 18, 2025 when a cybercriminal accessed the Benworth internal network through a third-party service provider. On May 23, 2025, the company discovered that the criminal actor had stolen a number of files. The incident was a ransomware attack and Benworth paid for the return and the deletion of the stolen files.

Exposed information included borrower names, addresses, Social Security numbers or taxpayer IDs, phone number, loan account number, loan maturity dates, loan closing dates and loan amounts. Impacted individuals includes 22,250 Texas residents, 1,230 Massachusetts residents and 108 in Montana.

Benworth Capital Partners began notifying impacted customers by mail on Sept. 15, 2025. The data breach was reported to the California, Massachusetts, Oregon and Montana Attorney Generals' offices on Sept. 16, 2025.

Benworth Capital Partners' response

In addition to required state and federal disclosures, Benworth is offering impacted individuals free IDX identity theft protection services.

If you believe your personal and financial information may have been compromised in this breach:

Carefully review any notice or communication you receive from Benworth Capital Partners.
Monitor financial accounts and credit reports for signs of identity theft.
Consider placing fraud alerts or credit freezes with the major credit bureaus.
Be cautious of unsolicited emails or phone calls requesting personal information.

More information about the lending company can be found on the Benworth Capital Partners website.

Protect Your Data

A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.

This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.