Here’s your weekly #databreach news roundup:
700Credit, Inotiv, and Dartmouth College.
700Credit
700Credit suffers a major #databreach affecting at least 5.6M people. Hackers stole names, addresses, DOBs, & Social Security numbers from dealer data collected May–Oct 2025. https://t.co/Ztrf2yFwPC
— DevaOnBreaches (@DevaOnBreaches) December 14, 2025
A data breach at 700Credit, a company that provides credit checks for auto dealerships, has exposed the personal information of at least 5.6 million people, including their names, addresses, birthdates, and Social Security numbers. The breach, which occurred between May and October 2025, was caused by an unknown hacker. Affected individuals are being sent letters offering credit monitoring services to help protect against fraud. Michigan’s attorney general is urging anyone who receives a letter to take action, such as using credit monitoring or freezing their credit, to safeguard their identity.
Inotiv
Inotiv says personal data of people was stolen in an August 2025 ransomware attack. The Qilin gang claims responsibility, leaking samples from 176GB of stolen files as the pharma firm restores systems and notifies victims. #databreach https://t.co/7uNS8bMHbc
— DevaOnBreaches (@DevaOnBreaches) December 11, 2025
Inotiv, an American pharmaceutical research company, is informing about 9,500 people that their personal data was stolen in a ransomware attack in August 2025. The attack temporarily shut down some of the company’s systems and disrupted its operations, but Inotiv says access has now been restored. The stolen data may belong to current and former employees, their family members, and others who interacted with the company, though Inotiv has not said exactly what information was taken. A ransomware group called Qilin has claimed responsibility and says it stole a large amount of company data, but this has not been officially confirmed by Inotiv.
Dartmouth College
Dartmouth says a 3-day August cyberattack exposed data of 40k+ people after Cl0p exploited a zero-day in Oracle’s software. No internal systems were hacked; attackers hit a hidden supply-chain flaw.#databreach https://t.co/N5PEwsAz9t
— DevaOnBreaches (@DevaOnBreaches) December 8, 2025
Dartmouth College has confirmed that a cyberattack in mid-August exposed the personal information of more than 40,000 people, including Social Security numbers and some bank details. The attackers exploited a hidden flaw in Oracle’s E-Business Suite software, which Dartmouth uses, meaning the college itself was not directly hacked and no employee made a mistake. The attack is part of a global campaign linked to the Cl0p ransomware group, which targeted many organizations before Oracle released a fix in October. Dartmouth has now patched its systems, notified those affected, and is offering free identity and credit monitoring to help protect against fraud.
