Kaaj Technologies Data Breach Exposes Lending's Dirty Little Secret

On March 26, 2026, Kaaj Technologies Inc.—a San Francisco-based fintech company that provides AI credit analysis and underwriting platforms for small business lenders—began notifying affected individuals that their personal information had been compromised in a cybersecurity incident that occurred on January 13, 2026.

What Was Stolen:

The breach exposed sensitive information including:

• Full names
• Home addresses
• Social Security numbers
• Financial application data
• Credit histories

The Hidden Danger:

Kaaj is not a lender—it's the engine behind the lenders. This company powers the AI that decides whether you get a loan, how much you can borrow, and at what interest rate. When their systems were breached, the attackers didn't just steal data—they potentially stole the algorithmic decision-making logic that lenders use to profile borrowers.

"Your information was probably taken by cybercriminals," the investigation firm Cole & Van Note warns. "They can take out credit cards in your name, get your tax return, take your identity and ruin your credit."

While this happened in America, the implications are global. Many international lending apps operating in Nigeria and other African markets use AI underwriting engines similar to Kaaj's. If the algorithms themselves are compromised, attackers could theoretically:

• Manipulate credit scores
• Approve fraudulent loans
• Create synthetic identities using real data
• Bypass fraud detection systems entirely