ACCORDING to SecurityWeek, American Lending Center, a California-based non-bank lender that manages a $3 billion portfolio of government-guaranteed small business loans, disclosed that a data breach discovered last year has affected more than 123,000 individuals.
The organisation said the ransomware attack was detected in July 2025, and a forensic investigation found that the threat actor compromised its internal network, executed the attack, and accessed certain files that may have contained personal identifying or sensitive information such as names, dates of birth, and SSNs. The investigation was completed on 8 April, and ALC has found no evidence that the potentially compromised information has been misused.
It is noted that no known ransomware group appears to have taken credit for the attack, which could indicate either that a ransom has been paid or that the responsible gang does not have a public leak website. SecurityWeek added that the organisation is notifying affected individuals and submitted its notification to the Maine attorney general’s office.