National student housing developer, Landmark Properties, recently suffered a data breach after falling victim to a ransomware attack. On May 20, 2025, the cybercriminal group known as MORPHEUS posted on its dark web leak site that it had compromised Landmark Properties’ systems and exfiltrated approximately 1.2 terabytes of sensitive data.
The attackers claimed to have accessed an array of information, including financial documents, accounting records, confidential agreements, HR records, active deal details, client information, development plans, marketing materials, property-related documents, and construction documentation. Data samples shared by the group included copies of passports (some expired), financials, and other documents marked as “confidential.”
This breach potentially impacts a broad spectrum of individuals and entities, including clients, employees, and business partners of Landmark Properties. The exposed personally identifiable information (PII) could be leveraged for identity theft, financial fraud, or corporate espionage.
As of this writing, Landmark Properties has not released a public statement detailing its response to the breach. The company was contacted for comment, and updates are expected as more information becomes available. Given the scale and nature of the data compromised, affected individuals and organizations should take immediate steps to protect themselves.
If you believe your information may have been involved, consider the following actions:
Because the breach involved sensitive personal and financial data, the risk of identity theft and fraud is elevated.