YouLend US LLC has disclosed a data breach after detecting unauthorized access to its network, revealing that files containing sensitive customer information were acquired during a four-day intrusion in June 2026.
According to a notification filed with the California Attorney General and sent to affected individuals, YouLend identified suspicious activity on June 9, 2026, after receiving alerts of a disruption affecting its computer network. An investigation conducted with external cybersecurity specialists determined that an unauthorized party accessed the company’s systems between June 5 and June 9, 2026, and acquired certain files containing personal information.
Social Security numbers among exposed data
YouLend said the compromised information includes affected individuals’ names, dates of birth, and Social Security numbers. The company stated it has no evidence that the exposed information has been misused for fraud or identity theft.
The notification does not disclose how many people were affected by the incident. The breach notice also does not identify the threat actor responsible or describe how the attackers initially gained access to the company’s environment.
Company response
According to the notification, YouLend secured its systems after discovering the intrusion, engaged outside cybersecurity specialists to investigate the incident, and reported the matter to federal law enforcement and other authorities.
The company is offering affected individuals 12 months of complimentary credit monitoring and identity protection services through Cyberscout, a TransUnion company specializing in fraud assistance and remediation.
YouLend had not issued any additional public statement about the incident at the time of publication beyond the legally required breach notification.
Investigation continues
The breach was reported to the California Attorney General on July 15, 2026, alongside a sample notification letter sent to affected individuals. While the notification confirms that personal information was acquired during the intrusion, YouLend said there is currently no evidence that the exposed data has been used for identity theft or other fraudulent activity.












