US Mortgage Corporation Ransomware Attack Exposes Financial and Personal Data
Learn More
US Mortgage Corporation, a mortgage lender based New York, reports a ransomware attack that occurred in May 2025.
The company detected suspicious activity on its network on May 14, 2025, and later identified a breach that began the previous day. The SAFEPAY ransomware group claimed responsibility for the incident on May 29, 2025.
SAFEPAY alleges that they exfiltrated 80 GB of data. Тhe company has not confirmed the volume or types of stolen information. The compromised data allegedly includes:
- Social Security numbers
- Driver’s license numbers
- Mortgage and financial account information
- Full names and dates of birth
- Contact information
- Limited medical and insurance information
The total number of affected individuals is not disclosed. The organization restored its systems from backups, reset all user passwords, and rebuilt the affected environment to ensure it was clean.
The company began mailing notification letters to affected individuals on March 5, 2026. Impacted individuals are being offered complimentary credit monitoring and identity theft protection.
