Were you a victim of the TMX Finance data breach? Here’s how to safeguard your identity and money.

TMX Finance, a US-based consumer credit provider and parent company of TitleMax, TitleBucks and InstaLoan, has disclosed a massive data breach impacting over 4.8 million customers.

Here’s what happened

A sample of the data breach notice sent to affected customers on March 30 revealed that intruders had infiltrated TMX’s internal systems beginning in December 2022.

“On February 13, 2023, we detected suspicious activity on our systems and promptly took steps to investigate the incident,” the notice reads. “Based on the investigation to date, the earliest known breach of TMX’s systems started in early December 2022. We promptly began a review of potentially affected files to determine what information may have been involved in this incident.”

After concluding an internal forensic investigation on March 1, 2023, the company said malicious individuals obtained highly sensitive information of 4,822,580 customers, including:

• Names, date of birth, phone numbers, physical addresses and email addresses
• Passport and driver’s license numbers
• Federal/state identification card numbers
• Tax identification numbers and Social Security Numbers
• Financial account information

Everybody who received the data breach notice was also told how to enroll in a free 12-month identity monitoring service.

TMX says the breach was contained and it has taken extra security measures on its systems to prevent any more security incidents.

The company also alerted the FBI and advises customers to watch out for identity-theft crimes.

What should consumers do?

If you’re a victim of the TMX or a similar data breach, here’s what you need to do:

• Check your credit report for inaccurate information or fraudulent credits
• Consider freezing your credit
• Stay vigilant against social engineering schemes, including phishing via email, phone or text
• Don’t share sensitive information, including passwords, with individuals who contact you out of the blue or state they are a TMX employee
• File reports with law enforcement, the FTC, any collection agencies, banks or other financial institutions if you fall victim to fraud

Need help monitoring your personal and financial info to defend against identity thieves?

Use Bitdefender Identity Theft Protection (US only) to limit financial losses associated with data breaches and identity crimes.

The one-stop credit monitoring and identity theft protection service helps you tackle threats to your identity and finances with:

• 24/7 identity monitoring to detect whether your personal information is on the dark web and to check for change-of-address requests, attempts to take over accounts, and court records that may show crimes falsely reported in your name
• An easy way to view your credit score or order a credit freeze in case of compromise
• Identity restoration services with a 100% success rate, plus access to your dedicated resolution specialist and much more

Check out our dedicated security and identity theft protection solutions here.