UPDATED: March 31, 2026

Income Property Management Data Breach

Income Property Management Co. reported a data breach in January 2025, potentially exposing sensitive personal data such as Social Security numbers and medical information. If you were affected, you may be entitled to compensation. Contact Class Action U for a free consultation to explore your legal action.

Income Property Management

Date of Breach: December 22, 2024

Who was affected:

Clients of Income Property Management

Impacted Data:

Driver’s license number

Alien registration number

Health insurance provider and identification number

Date of birth

Social Security number

Medical condition

Passport number

Income Property Management Co. (IPM), a company managing commercial and residential properties across Oregon and Washington, has recently informed individuals of a cybercrime incident that may have compromised personal information. The breach involved unauthorized access to IPM’s network, resulting in the theft of sensitive data, including Social Security numbers and health-related information. While there has been no indication of misuse, IPM is taking steps to protect affected individuals.

Income Property Management Co.’s Data Breach Investigation

On December 22, 2024, IPM discovered unauthorized activity within its network. In response, the company engaged an IT security firm to investigate the incident. The investigation revealed that files were taken from IPM’s network by an unauthorized actor on or around January 29, 2025. Once the breach was identified, IPM initiated a detailed review of the involved files to determine the data potentially affected and identify the individuals whose information may have been compromised.

The investigation concluded on December 4, 2025, revealing that the stolen files contained personally identifiable information. While IPM has not identified any actual or attempted misuse of the information, the company is notifying individuals and offering resources to help protect against potential identity theft and fraud.

When Did This Breach Occur?

The breach occurred on or around January 29, 2025, when unauthorized files were taken from IPM’s network. The incident was discovered on December 22, 2024, and the investigation continued until December 4, 2025, to identify the affected data.

What Information Was Breached?

The breach involved a variety of personal information, which may have included:

Driver’s license number
Alien registration number
Health insurance provider and identification number
Date of birth
Social Security number
Medical condition
Passport number

The type of information affected varied from person to person, and while there have been no reports of misuse, IPM is taking steps to ensure that individuals are informed and protected.

What You Can Do

Although there have been no confirmed reports of identity fraud or fraudulent activity associated with this breach, it is important to remain vigilant and take steps to protect your personal information:

Monitor Your Credit Reports: Regularly review your credit reports for suspicious activity. You are entitled to a free credit report from each of the three major credit bureaus once a year at www.annualcreditreport.com.
Review Account Statements: Check your bank, credit card, and other financial statements for any unusual transactions.
Enroll in Credit Monitoring Services: If your Social Security number was involved in the breach, IPM is offering complimentary credit monitoring services to help you stay on top of any potential changes to your credit report.
Report Suspicious Activity: If you detect any unusual activity on your accounts, promptly contact your financial institution or the company involved.
Fraud Assistance Services: IPM has set up a professional call center through HaystackID, a firm specializing in fraud assistance and remediation services, to answer questions and help with any concerns you may have regarding this incident. The call center is available Monday through Friday from 9:00 a.m. to 9:00 p.m. Eastern time.

File a Data Breach Lawsuit Against Income Property Management Co.

If you were impacted by the IPM data breach, you may be entitled to compensation for any damages caused by the exposure of your personal information. Legal action, such as filing a lawsuit, may allow you to seek redress for any potential harm, including identity theft or financial loss.

Contact Class Action U for a free consultation to learn more about your legal options. Our experienced legal partners can guide you through the process of filing a lawsuit and help you protect your rights. There is no cost or obligation to speak with an attorney.

Take action now to protect yourself and hold Income Property Management Co. accountable for the breach.

Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

Other Data Breaches

Mobilelink Data Breach

Date of Breach: March 30, 2026

Champion Home Builders Data Breach

Date of Breach: January 16, 2025

Rocky Mountain Care Data Breach

Date of Breach: February 2, 2026

Frequently Asked Questions

What Should I Do If I Believe My Data Has Been Breached?

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

What Happens to Your Data in a Data Breach?

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

How Should I Respond to a Data Breach Notification?

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

What Evidence is Needed for a Data Breach Claim?

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Can a Company Be Sued for a Data Breach?

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

What is the Average Settlement in a Data Breach Lawsuit?

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.