Industrial Acceptance Corporation (IAC) Suffers Data Breach
Industrial Acceptance Corporation (IAC), an automotive financing company, became aware of suspicious activity on its computer network on February 24, 2025. A subsequent forensic investigation determined that cybercriminals infiltrated the network and gained access to and removed files containing the sensitive personal information of 79,216 individuals. The exposed data included names, Social Security numbers, and driver's license numbers. The incident was later attributed to the INC ransomware group, with files exfiltrated around March 4, 2025. IAC began notifying affected individuals in May 2026 and offered complimentary credit monitoring services.
Signal context
First seen: Feb 24, 2025
Last updated: Jun 26, 2026
Status: Public signal
Key points
- Suspicious activity detected on February 24, 2025.
- Cybercriminals infiltrated the network and exfiltrated files.
- 79,216 individuals affected.
Signal analysis
BetaThis analysis groups the signal by industry, likely incident action and impacted security area. It helps compare this signal with other published signals without treating the labels as final determinations.
Sector: Manufacturing
Likely country: Location not provided
Watch ransomware, endpoint compromise and business interruption exposure.
- Source type: outside the affected organization
Impact area: Confidentiality, Availability
Likely asset: User or customer data
- 2 signals in the same sector
- 100 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
Industrial Acceptance Corporation (d/b/a IAC) Data Breach Exposes Personal Information: Murphy Law Firm Investigates Legal Claims - GlobeNewswirehttps://www.globenewswire.com/news-release/2026/06/01/3286041/0/en/Industrial-Acceptance-Corporation-d-b-a-IAC-Data-Breach-Exposes-Personal-Information-Murphy-Law-Firm-Investigates-Legal-Claims.htmlPublic source from globenewswire.com.
Industrial Acceptance Corporation Announces 79,216 Data Breach - EKSMhttps://eksm.com/industrial-acceptance-corporation-announces-79216-data-breach/Public source from eksm.com.
Industrial Acceptance Corporation (IAC) Data Breach – Investigated by Federman & Sherwoodhttps://www.federmanlaw.com/blog/industrial-acceptance-corporation-iac-data-breach-investigated-by-federman-sherwood/Public source from federmanlaw.com.
Related signals
Grouped by why the signal is relevant.
Challenge Manufacturing Data Breach Exposes Social Security Numbers
Challenge Manufacturing, an automotive manufacturing company, disclosed a data breach to the Texas Attorney General on June 26, 2026. The Chaos ransomware group claimed responsibility on May 17, 2026, stating they obtained 270 GB of data from the company's systems.
Como Furniture Enterprises Data Breach by LockBit
Como Furniture Enterprises, a mold design and manufacturing company based in Taiwan, was reported to have suffered a data breach discovered on June 19, 2026, with the LockBit ransomware group identified as the threat actor. The group has threatened to leak sensitive data unless their demands are met.
eogb.co.uk Hit by Stormous Ransomware Group
eogb.co.uk, a UK-based organization, was claimed as a victim by the Stormous ransomware group. The incident was discovered on June 28, 2026, at 21:29 UTC, with deep access to Microsoft Dynamics GP, internal legal documents, partnership agreements, customer contracts, operational spreadsheets, financial reports, and executive documents.
Alamo Heights ISD Reports Data Breach Following Ransomware Attack
Alamo Heights Independent School District (ISD) reported a data breach impacting over 26,000 people, disclosed to the Texas Attorney General's office on June 25, 2026 (published June 26, 2026 UTC). The breach was linked to a ransomware attack by the Qilin group, which occurred on April 9, 2026. The compromised information included names, Social Security numbers, driver's license numbers, and bank and medical information.
Vienna Airport Targeted in APT73/Bashe Ransomware Attack
The ransomware group APT73/Bashe claimed responsibility for a cyberattack against Vienna Airport (Flughafen Wien AG) on June 23, 2026, threatening to leak sensitive data. The airport acknowledged a limited leakage of old cargo-related files from one email inbox but denied a broader system compromise.
AYA BANK Hit by Lapsus$ Ransomware Attack
AYA BANK, a prominent financial institution in Myanmar, fell victim to a ransomware attack by the Lapsus$ group, discovered on June 23, 2026. Lapsus$ claimed to have stolen over 120 gigabytes of data, including a full dump and PII, and threatened to sell it if a ransom was not paid. AYA Bank acknowledged a breach of an older application portal exposing some customer information but stated its core financial networks remained secure.