Consumer lending firm TMX Finance has revealed that it suffered from a major breach of customer data. The breach was first discovered roughly three months ago and disclosed last week via a breach notification letter filed with the Office of the Maine Attorney General. In the letter, the firm states that the breach likely occurred in December 2022. An investigation into the event confirmed that the information stolen from TMX customers was likely obtained between February 3 and February 14, 2023. The investigation into the attack also determined what information may have been accessed.
The information exposed in the breach included names, dates of birth, passport numbers, driver’s license numbers, federal or state identification card numbers, tax identification numbers, Social Security numbers, and financial account information. Additionally, other information such as phone numbers, addressed, and email addresses may have been exposed. TMX Finance confirmed that the incident has since been contained and that all employee passwords have been reset. The company also claimed to have implemented additional security measures. Those affected by the breach are eligible for free credit monitoring and identity protection from Experian for 12 months.
Read More: Consumer Loans Firm TMX Reveals Major Data Breach