What Happened in the Onset Financial Data Breach?
Onset Financial, a Utah-based equipment leasing and finance company, has confirmed a data breach that exposed sensitive personal information belonging to certain customers. According to the company’s notification letters, an unauthorized party gained access to certain systems within its network. This access to the Onset Financial network occurred on or about May 2, 2025.
Once the company detected the intrusion, it took immediate steps to secure its network environment. In addition, Onset Financial brought in outside cybersecurity experts to investigate the scope of the incident. The investigation determined that certain files may have been taken without authorization during the breach.
Because of the complexity involved, the electronic discovery process took several months. This process, which involved reviewing the affected data to determine exactly what information was compromised, concluded on November 24, 2025. As a result of that review, the company confirmed that personal information belonging to specific individuals was present in the exposed data set.
Following the completion of its investigation, Onset Financial notified state regulators. The company disclosed the breach to the Massachusetts Office of Consumer Affairs and Business Regulation on December 16, 2025. It also notified the Montana Attorney General on December 12, 2025, before beginning to mail letters to affected individuals dated the same day.
Who was affected?
The Onset Financial data breach affects individuals whose personal information was stored within the company’s network systems. This likely includes customers, business partners, or employees connected to its equipment leasing and finance operations. Onset Financial has funded over $8 billion in equipment finance transactions since its founding in 2008, working with businesses ranging from small enterprises to Fortune 500 companies.
Regulatory filings indicate the breach affected six Massachusetts residents and 11 Montana residents. However, the total number of individuals affected nationwide hasn’t been publicly disclosed. Given that Onset Financial operates across the country, it’s likely that residents of other states received similar notifications as well.
Not every affected person had the same categories of information exposed. According to the company’s notification, the types of information affected may differ from person to person. This means some individuals may face a higher risk than others, depending on which specific data elements were involved in their case.
What Information Was Potentially Exposed?
The breach exposed a wide range of sensitive personal and financial information. Because the data varied by individual, not everyone had every category exposed. Still, the scope of information involved is extensive and includes highly sensitive identifiers.
- Full names
- Social Security numbers
- Driver’s license numbers
- State identification numbers
- Passport numbers
- Financial account numbers
- Account access information
- Payment card numbers, including credit and debit cards
- Dates of birth
- Home addresses
- Pay stubs
- W-2 tax forms
- Government-issued identification cards
This combination of data is particularly concerning because it includes both identity documents and financial account details. As a result, affected individuals face a heightened risk of identity theft. Criminals could use stolen Social Security numbers and driver’s license numbers to open new credit accounts or file fraudulent tax returns.
In addition, the exposure of payment card numbers and financial account information raises the risk of direct financial fraud. For example, stolen account access information could allow unauthorized transactions on existing accounts. Because W-2 forms were also exposed, victims should watch for signs of tax-related identity theft as well.
What is the company doing?
In response to the breach, Onset Financial reviewed its technical safeguards and implemented enhanced security measures. The company stated it has restored all affected systems and taken additional steps to strengthen its network security going forward. These actions were designed to prevent a similar incident from happening again.
Beyond technical fixes, Onset Financial also reviewed and enhanced its internal policies and procedures. This includes protocols related to system security and information life cycle management. Furthermore, the company is offering complimentary credit monitoring, credit reports, and credit score services through Cyberscout, a TransUnion company.
The length of monitoring offered varies by individual. Some affected people are receiving 24 months of triple-bureau credit monitoring, while others are receiving 12 months. Enrollment must be completed within 90 days from the date printed on the notification letter. The company has also set up a dedicated help line, available Monday through Friday from 8:00 a.m. to 8:00 p.m. Eastern Time.
What Should Affected Individuals Do?
Enroll in Credit Monitoring Services
If you received a letter from Onset Financial, you should enroll in the free credit monitoring services offered through Cyberscout. This service alerts you to changes in your Experian, Equifax, or TransUnion credit files. Because enrollment deadlines apply, act quickly after receiving your notification letter.
These monitoring services can help catch fraudulent activity early. For instance, an alert about a new account opened in your name could give you time to act before serious damage occurs. Therefore, it’s worth taking advantage of this protection even if you don’t suspect anything unusual yet.
Consider a Credit Freeze or Fraud Alert
Since Social Security numbers and driver’s license numbers were exposed, placing a security freeze on your credit reports is a smart precaution. A freeze prevents new creditors from accessing your credit file, which makes it much harder for identity thieves to open accounts in your name. You can request a freeze with Equifax, Experian, and TransUnion individually.
Alternatively, you could place a fraud alert on your credit file instead. This requires creditors to verify your identity before extending new credit. Both options are free, though a freeze generally offers stronger protection because it fully restricts access until you lift it.
Watch for Signs of Tax and Financial Fraud
Because W-2 tax forms were exposed, affected individuals should watch closely for signs of tax-related identity theft. This could include unexpected notices from the IRS or a rejected tax return caused by someone else filing in your name. If this happens, contact the IRS Identity Protection Specialized Unit right away.
In addition, review your bank and credit card statements regularly for unauthorized transactions. Since payment card numbers and account access information were also compromised, monitoring your financial accounts closely is essential. Report anything suspicious to your financial institution immediately.
Stay Alert for Phishing Attempts
After a data breach, scammers often use stolen information to craft convincing phishing emails or phone calls. Be cautious of any message claiming to be from Onset Financial or your bank that asks for personal details. Legitimate companies rarely request sensitive information through unsolicited communication.
Instead, verify any suspicious contact by calling the company directly using a number from its official website. This simple step can help you avoid falling victim to a secondary scam that builds on the original breach. When in doubt, don’t click links or provide information.
Get Your Free Credit Reports
You’re entitled to a free annual credit report from each of the three major credit bureaus. Reviewing these reports carefully can help you spot unauthorized accounts or inquiries you don’t recognize. This is a simple, no-cost way to check for signs of identity theft.
If you notice anything unusual, dispute it with the credit bureau right away. You can also file a report with the FTC or your state Attorney General if you suspect your information has been misused. Consulting a data breach attorney may also help you understand your legal options for compensation.
More Information
Official Notice from Onsetfinancial
Official Data Breach Notification Letter (PDF)
