On March 30, 2023, TMX Finance Corporate Services, Inc. (hereafter referred to as “TMX Finance” or “TMX”) notified the Attorney General of Maine of a data breach. This is after realizing that a third party had gained access to and possibly removed sensitive consumer data housed on the business’s computer network.
According to the business’s official report, the incident led to the unauthorized party learning the (Names, Social Security Numbers, Birthdates, Passport Numbers, Driver’s License Numbers, Federal/State Identification Numbers, Tax Identification Numbers, and Other Information). TMX started delivering data breach notification letters to everyone affected by the recent data security incident after it was confirmed that consumer data had been exposed.
Data breaches, especially those involving your Social Security number, dramatically raise your risk of identity theft, as we’ve noted in related pieces. You must comprehend if TMX Finance notified you of a data breach, what the challenges are, and what you can do to prevent it. Regarding your legal options following the TMX Financial data breach and further information on how to avoid being a victim of fraud or identity theft, please check our latest article on the subject here.
The TMX Financial Breach
But, what we currently know about the TMX Finance data breach comes from the company’s filing with the Maine Attorney General. The news of the incident is still recent. This source claims that TMX discovered suspicious activities in its computer system on February 13, 2023. The business started investigating the incident with a forensic security company to determine whether consumer data was exposed.
A breach of the company’s computer network occurred sometime in early December 2022, according to the TMX inquiry. Further research revealed that between February 3, 2023, and February 14, 2023, the unauthorized entity could delete specific data from the TMX system. Several of these files contained private consumer data, the inquiry also showed.
After learning that confidential customer information had been given to TMX Finance, an unapproved party started to examine the affected files to ascertain what data had been hacked and which customers were impacted. Personal information like your phone number, address, and email address may have all been disclosed in a breach. However, the specifics of the breached information vary depending on the individual.
All individuals whose information was affected due to the current data security issue received data breach letters from TMX Finance on March 30, 2023. According to the Maine Attorney General, the TMX Financial data breach reportedly affected 4,822,580 people.
TMX Finance Corporate Services, Inc. was established in 1998 and is a Savannah, Georgia-based consumer lender TMX Finance, LLC division. TMX Finance has a workforce of over 2,000, bringing in about $1 billion annually. The business owns various loan firms, including “TitleMax,” “TitleBucks,” and “InstaLoan,” and it runs more than 900 outlets across 14 states.
The American consumer loan company TMX Finance has disclosed a severe data breach that it first identified about three months ago. In a breach notification letter submitted to the Office of the Maine Attorney General, the company with headquarters in Savannah, Georgia, stated that the incident most likely started in early December 2022. The company learned about it on February 13th, 2023. We immediately looked through all potentially impacted files to see what data might have been implicated. The inquiry revealed on March 1, 2023, that the data might have been obtained between February 3 and February 14, 2023.
No law enforcement inquiry has caused us to delay this notification of the FBI, the statement said. Personal details were among the personal data that may have been involved, along with other information like your phone number, address, and email address. According to TMX Finance, the situation has been isolated, all employee passwords have been reset, and endpoint protection and monitoring have been added to the company’s defensive security posture. Customers who qualify can get free credit monitoring and identity theft protection from Experian for a year from the lender, although they are reminded to check their account records for any strange activity constantly.