Glenwood Management Data Breach Affects 8,146 People: SSNs Exposed

On Sept. 25, 2025, Glenwood Management, a prominent New York City real estate developer and property management firm, discovered a data breach affecting 8,146 individuals across the United States. The breach was the result of a ransomware attack carried out by the group known as Payouts King, who claimed responsibility on the dark web on July 9, 2025. According to their post, the attackers obtained 150 GB of data and threatened to publish the information within a week.

The breach was first detected on Sept. 10, 2025, when Glenwood Management identified that certain documents had been accessed without authorization. While the company believes the attacker’s primary motive was financial extortion rather than data theft, they have notified affected individuals out of an abundance of caution.

The exposed information includes personally identifiable information (PII) such as Social Security numbers.

The incident affected residents in multiple states, with nine individuals in Maine and 78 in Massachusetts confirmed as impacted. Glenwood Management first disclosed the breach to the Maine Attorney General and the Massachusetts Attorney General on Oct. 2, 2025. The Vermont Attorney General was notified on Oct. 3, 2025.

Written notifications to affected consumers began on Oct. 2, 2025.

Glenwood Management's response

In response to the ransomware attack, Glenwood Management Corp. took action by notifying law enforcement and engaging computer forensic experts to investigate the incident and contain the breach. The company has since enhanced its security measures and increased monitoring of its systems to help prevent similar incidents in the future. Additionally, Glenwood Management has focused on raising company-wide awareness of data security best practices.

For those affected, Glenwood Management is offering complimentary Single Bureau Credit Monitoring, Credit Report, and Credit Score services through Cyberscout, a TransUnion company. These services are available for 12 months from the date of enrollment and include proactive fraud assistance. Impacted individuals are encouraged to enroll in these services within 90 days of receiving their notification letter.

The company also recommends that affected persons remain vigilant by monitoring their financial accounts and credit reports for suspicious activity, placing fraud alerts or security freezes on their credit files, and reporting any signs of identity theft to the appropriate authorities.

Due to the nature of the ransomware attack and the type of information exposed, it is especially important for those notified to take advantage of the offered credit monitoring and to follow the additional steps outlined in the consumer notice. For further questions or assistance, affected individuals can contact the dedicated help line provided in the notification letter.