CRM Residential Data Breach Affects 11,787 People

Community Realty Management Inc., now known as CRM Residential, discovered a significant data breach that affected 11,787 individuals across the United States. Last year, the company discovered suspicious activity involving employee emails. An investigation determined that unauthorized access to certain email accounts took place from Sept. 10, 2024 to Oct. 22, 2024.

A review took place and on April 14, 2025, it was discovered that personal, financial and protected health information was compromised in the data breach. Exposed information includes names, dates of birth, Social Security numbers, driver’s license numbers, other government-issued identification numbers, passport numbers, financial account information, payment card information, state identification numbers, medical information and health insurance information.

CRM Residential posted a Notice of Data Security Event on its website and began notifying affected individuals by mail on Aug. 11, 2025. The data breach was disclosed to the Maine and Vermont Attorney Generals' offices beginning on Aug. 12, 2025.

Community Realty Management's response

In addition to required state and federal disclosures, Community Realty Management is offering impacted individuals 12 months of free TransUnion Cyberscout credit monitoring services.

If you receive a notice from Community Realty Management about this breach, you may want to:

• Sign up for the free TransUnion Cyberscout credit monitoring services, offered by CRM Residential.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

More information about Community Realty Management, now CRM Residential, can be found on their official website.