AFC Kredieten
| Primary URL | Location | Industry | www[.]afc-kredieten[.]be |
Country
Belgium
|
Financial Services
|
|---|
Profile
AFC Kredieten, also known as AFC Loans, is a Belgian organisation that provides loan and credit services to individuals. The company operates from its headquarters in Belgium and focuses on offering financial products to loan applicants. Its core activity involves evaluating credit applications and extending financing to consumers seeking personal or other types of credit. By positioning itself as a loan provider, AFC Kredieten serves the retail credit market within the country. The organisation’s name reflects its specialization in extending credit rather than traditional banking services.
In July 2015, AFC Kredieten experienced a security breach when the hacker group Rex Mundi accessed and exfiltrated approximately 24,000 financial records belonging to loan applicants. The attackers posted a banner on the company’s website to demonstrate the compromise and alleged that the organisation had inadequate security protections. Rex Mundi demanded a ransom in exchange for not releasing the stolen data and offered to delete the information upon payment. AFC Kredieten refused to negotiate, asserting that the affected individuals were not formal customers and therefore the company bore no responsibility for their data. The incident highlighted the organisation’s handling of applicant information and brought attention to its data security practices at that time.
Details regarding the ownership structure, parent company relationships, or subsidiary affiliations of AFC Kredieten are not disclosed in the available sources. Consequently, any description of its corporate governance or affiliations would be speculative and is omitted here. The organisation’s public presence is primarily defined by its role as a loan provider and the 2015 cyber incident that involved its applicant data. No further explicit information about its size, market share, or regulatory status is provided in the material. Therefore, the profile remains confined to the confirmed facts about its services, headquarters location, and the documented breach.