Comparing data breaches is like comparing apples and oranges. They differ on many levels. To news media, the size of the brand, how many users were impacted, and how it was done often dominate the headlines. For victims, what really matters is the type of information stolen. And for the organizations involved, the focus is on how they will handle the incident. So, let’s have a look at the three that showed up in the news feeds today.

700Credit

700Credit is a US provider of credit reports, preliminary credit checks, identity verification, fraud detection, and compliance tools for automobile, recreational vehicle, powersports, and marine dealerships.

In a notice on its website, 700Credit informed media, partners, and affected individuals that it suffered a third-party supply-chain attack in late October 2025. According to the notice, an attacker gained unauthorized access to personally identifiable information (PII), including names, addresses, dates of birth, and Social Security numbers (SSNs). The breach involves data collected between May and October, impacting roughly 5.6 million people.

The supply-chain attack demonstrates the importance of how you handle attacks. Reportedly, 700Credit communicates with more than 200 integration partners through application programming interfaces (APIs). When one of the partners was compromised in July, they failed to notify 700Credit. As a result, unnamed cybercriminals broke into that third-party’s system and exploited an API used to pull consumer information.

700Credit shut down the exposed third-party API, notified the FBI and FTC, and is mailing letters to victims offering credit monitoring while coordinating with dealers and state regulators.

SoundCloud

SoundCloud is a leading audio streaming platform where users can upload, promote, stream, and share music, podcasts, and other audio content.

SoundCloud posted a notice on its website stating that it recently detected unauthorized activity in an ancillary service dashboard. Ancillary services refer to specialized functions that help maintain stability and reliability. When SoundCloud contained the attack, it experienced denial-of-service attacks, two of which were able to temporarily disable its platform’s availability on the web.

An investigation found that no sensitive data such as financial or password data was accessed. The exposed data consisted of email addresses and information already visible on public SoundCloud profiles. The company estimates the incident affected roughly 20% of its user base.

Pornhub

Pornhub is one of the world’s most visited adult video-sharing websites, allowing users to view content anonymously or create accounts to upload and interact with videos.

Reportedly, Pornhub disclosed that on November 8, 2025, a security breach at third-party analytics provider Mixpanel exposed “a limited set of analytics events for certain users.” Pornhub stressed that this was not a breach of Pornhub’s own systems, and said that passwords, payment details, and financial information were not exposed. Mixpanel, however, disputes that the data originated from its November 2025 security incident.

According to reports, the ShinyHunters ransomware group claims to have obtained about 94 GB of data containing more than 200 million analytics records tied to Pornhub Premium activity. ShinyHunters shared a data sample with BleepingComputer that included a Pornhub Premium member’s email address, activity type, location, video URL, video name, keywords associated with the video, and the time the event occurred.

ShinyHunters has told BleepingComputer that it sent extortion demands to Pornhub, and the nature of the exposed data creates clear risks for blackmail, outing, and reputational harm—even though no Social Security numbers, government IDs, or payment card details are in the scope of the breach.

Comparing apples and oranges

As you can see, these are three very different data breaches. Not just in how they happened, but in what they mean for the people affected.

While email addresses and knowing that someone uses SoundCloud could be useful for phishers and scammers, it’s a long way from the leverage that comes with detailed records of Pornhub Premium activity. If that doesn’t get you on the list of a “hello pervert” scammer, I don’t know what will.

But undoubtedly the most dangerous one for those affected is the 700Credit breach which provides an attacker with enough information for identity theft. In the other cases an attacker will have to penetrate another defense layer, but with a successful identity theft the attacker has reached an important goal.

Aspect	SoundCloud	700Credit	Pornhub
People affected	Estimated ~28–36 million users (about 20% of users) ​	~5.6 million people ​	“Select” Premium users; ~201 million activity records (not 201 million people) ​
Leaked data	Email addresses and public profile info ​	Names, addresses, dates of birth, SSNs ​​	Search, watch, and download activity; attacker-shared samples include email addresses, timestamps, and IP/geo-location data
Sensitivity level	Low (mostly already public contact/profile data) ​	Very high (classic identity‑theft PII) ​​	Very high (intimate behavioral and preference data, blackmail/extortion potential) ​
Breach cause	Unauthorized access to an internal service dashboard ​	Third‑party API compromise (supply‑chain attack) ​​	Disputed incident involving third-party analytics data (Mixpanel), following a smishing campaign

---

We don’t just report on threats—we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your, and your family’s, personal information by using identity protection.

Two recent cybersecurity incidents involving financial services providers have exposed the personal information of millions of individuals, highlighting ongoing risks across the fintech and credit reporting ecosystem. The larger of the two incidents involves Prosper Marketplace cybersecurity incident, confirmed last week by the San Francisco-based fintech company. Prosper disclosed that 13.1 million people were affected after unauthorized activity was discovered on its systems on September 1, 2025. A subsequent investigation revealed that attackers accessed data between June and August 2025.

Prosper Marketplace Cybersecurity Incident Details

In its official notice, Prosper stated, "On September 1, 2025, Prosper discovered unauthorized activity on our systems. We acted quickly to stop the activity and enhance our security measures, and we began working with a leading cybersecurity firm to investigate what happened." While Prosper emphasized that there was no evidence of unauthorized access to customer accounts or funds, attackers were able to obtain a wide range of sensitive personal and financial data. The exposed information includes names, Social Security numbers, national ID numbers, dates of birth, bank account numbers, Prosper account numbers, financial application details, driver’s license numbers, passports, tax information, and payment card numbers. Regulatory filings show the scale of the exposure across states, with more than 1.1 million affected individuals in Texas, 236,000 in South Carolina, and 249,000 in Washington state. Prosper said it has begun notifying affected individuals and is offering two years of credit monitoring and identity restoration services through Experian. The company also confirmed that law enforcement was notified about cybersecurity incidents, and additional security and monitoring controls have been deployed. Founded in 2005, Prosper is best known for its peer-to-peer lending platform, through which more than 2 million customers have borrowed over $28 billion in personal loans. The company also offers home equity loans, lines of credit, and credit card products.

700Credit Security Incident Impacts Over 5.8 Million People

In a separate cybersecurity incident, Michigan-based 700Credit data exposure affected 5,836,521 individuals, according to a notice issued on Friday. The incident was discovered on October 25, 2025, when the company’s IT team identified unauthorized access to its systems. 700Credit provides credit reports, compliance solutions, identity verification, and fraud detection services to car dealerships across the U.S. The company said attackers made copies of data stored within its systems. The compromised information includes names, Social Security numbers, dates of birth, and physical addresses. Following the incident, 700Credit confirmed it will file a consolidated breach notice with the FTC on behalf of its affected dealership clients, after receiving approval from the agency. “We timely notified the FBI and the FTC and confirmed with the FTC that 700Credit’s filing on behalf of all dealers is sufficient to meet dealer obligations to notify the FTC.  In addition, we will be notifying State AG offices on behalf of dealers.  Impacted consumers will also be notified and offered credit monitoring services and assistance they may need. 700Credit has also been working directly with NADA,” the company said in a notice. As a result, dealers are not required to file separate FTC breach notifications related to this incident. However, dealers are still responsible for complying with state-level breach notification requirements, which remain unaffected by the FTC’s decision. Dealers have been advised to consult legal counsel to ensure compliance with applicable state laws.

Financial Services Sector Faces Rising Cybersecurity Incidents

The Prosper and 700Credit incidents come just weeks after a cyberattack on SitusAMC, a company used by major banks for real estate loan and mortgage services. That incident, discovered on November 12, 2025, involved stolen accounting records and legal agreements. Together, these cybersecurity incidents emphasise a growing trend: financial services providers and fintech companies are increasingly targeted for the volume and sensitivity of data they hold. While no threat actor has publicly claimed responsibility for either the Prosper Marketplace or 700Credit incidents, the scale of exposure raises concerns about identity theft, financial fraud, and long-term consumer risk. Both companies have urged affected individuals to remain vigilant, monitor their credit reports, and report any suspicious activity.