US Mortgage Corporation recently disclosed a data breach involving unauthorized access to its computer network. The incident, identified as a ransomware attack, may have exposed sensitive personal information belonging to certain individuals, prompting the company to notify affected consumers and regulators.
US Mortgage Corporation’s Data Breach Investigation
US Mortgage Corporation, a New York–based mortgage lender, reported a cybersecurity incident involving unauthorized activity within portions of its internal computer network. The company disclosed the breach in a notification sent to regulators and affected individuals after completing a detailed investigation into the incident.
According to the company, the issue was first detected on May 14, 2025, when suspicious activity was identified within a limited portion of its network. Upon discovering the incident, US Mortgage Corporation quickly launched an internal response and began working with third-party cybersecurity experts to investigate and contain the activity.
The company also retained outside legal counsel and notified law enforcement authorities about the breach. Independent cybersecurity specialists were brought in to conduct a forensic investigation aimed at determining how the unauthorized access occurred and what information may have been affected.
Investigators ultimately determined that the incident involved a ransomware attack. Ransomware attacks typically occur when cybercriminals infiltrate a company’s systems, encrypt files, or extract sensitive information in order to demand payment or exploit stolen data.
The forensic investigation concluded that the unauthorized access occurred between May 13, 2025 and May 14, 2025, when an unauthorized third party gained entry to a portion of the company’s network.
Following the discovery of the intrusion, US Mortgage Corporation began restoration and remediation efforts designed to secure its systems and prevent further unauthorized access. These measures included restoring files from secure backups, resetting passwords across systems, and rebuilding affected systems within a newly created secure environment.
The company also implemented additional technical safeguards to strengthen its cybersecurity posture. These improvements built upon security controls that were already in place prior to the incident, including firewalls, multifactor authentication protections, and secure backup systems.
After identifying the compromised network area, investigators worked to determine which files were accessed during the attack. A specialized data-review firm was engaged to analyze the affected files and determine whether they contained personal information.
That review process took several months to complete. The data-review firm provided its results on October 23, 2025, identifying the categories of personal information that may have been present in the compromised files.
Following receipt of those results, US Mortgage Corporation worked with legal counsel to evaluate its notification obligations and determine which individuals were affected. Because some of the impacted records did not contain contact information, the company spent additional time locating accurate mailing addresses for individuals whose information may have been involved.
The notification process was completed on February 11, 2026, and the company began sending written notification letters to affected individuals on March 5, 2026.
According to the company’s regulatory notice, the incident affected at least four New Hampshire residents.
To assist impacted individuals, the company stated that it is offering complimentary credit monitoring services through Experian IdentityWorks for individuals whose Social Security numbers or driver’s license numbers may have been involved in the breach.
Data breaches involving mortgage lenders can be particularly concerning because these companies often store large amounts of sensitive personal and financial information related to loan applications, financial records, and identity verification. When this information becomes exposed through cyberattacks, it can increase the risk of identity theft and financial fraud.
For this reason, individuals who receive a breach notification may want to carefully monitor their financial accounts and stay informed about potential legal options that may be available to them.
When Did This Breach Occur?
According to the company’s investigation, the ransomware incident occurred between:
May 13, 2025 – May 14, 2025
Suspicious activity was detected on May 14, 2025, which prompted the company to launch its forensic investigation and cybersecurity response.
The review of impacted data was completed on October 23, 2025, and the company finalized its notification process on February 11, 2026 before mailing notices to affected individuals on March 5, 2026.
What Information Was Breached?
The company determined that certain personal information may have been present in the files accessed during the incident. Potentially exposed information may include:
-
Name
-
Contact information
-
Government identification numbers (such as Social Security numbers or driver’s license numbers)
-
Financial account information
-
Limited medical or insurance information
The specific data elements involved may vary depending on the individual.
What You Can Do
If you received a notification from US Mortgage Corporation about this data breach, there are several steps you may consider taking to help protect your personal and financial information.
First, monitor your bank accounts, credit cards, and other financial accounts for signs of unauthorized activity. If you notice unfamiliar transactions, contact your financial institution immediately.
You should also review your credit reports regularly to check for suspicious accounts or inquiries that could indicate identity theft.
Individuals whose Social Security numbers or driver’s license numbers were involved may be eligible for complimentary credit monitoring through Experian IdentityWorks. Enrolling in these services can help alert you to potential fraudulent activity involving your credit.
You may also consider placing a fraud alert or security freeze on your credit file with the major credit reporting agencies. These tools can help prevent criminals from opening new accounts in your name.
Many people affected by data breaches are unaware that they may have legal rights. When companies fail to adequately safeguard sensitive personal information, impacted individuals may have the option to pursue compensation through a data breach lawsuit.
File a Data Breach Lawsuit Against US Mortgage Corporation
If you received a data breach notification from US Mortgage Corporation, you may have legal rights. Organizations that collect and store sensitive personal and financial information are responsible for implementing reasonable security safeguards to protect that data.
When a company fails to adequately secure its systems and a cyberattack exposes personal information, affected individuals may be able to seek compensation through a data breach lawsuit.
Class action lawsuits allow individuals impacted by the same breach to join together to pursue accountability and potential financial recovery. These legal actions can also help encourage companies to strengthen their cybersecurity practices and better protect consumer data in the future.
Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.