Rockrose Data Breach Affects 47k People Exposing Social Security Numbers

Rockrose Development, a real estate developer and property manager based in New York City and Washington, D.C., has experienced a significant data breach that has impacted sensitive information belonging to employees, residents and others affiliated with the company.

The breach occurred on July 4, 2025, when unauthorized individuals gained access to Rockrose’s systems and claimed to have acquired confidential data stored within certain systems.

The cybercriminal group known as PLAY claimed responsibility for the attack, which has been identified as a ransomware incident. The group posted about the breach on the dark web on July 14, 2025, threatening to publish the stolen data if their demands were not met.

Rockrose’s investigation determined that the exposed information may include a range of personally identifiable information (PII) and protected health information (PHI): names, Social Security numbers, taxpayer identification numbers, driver’s license numbers, passport numbers, bank account and routing numbers, health insurance information, medical information and online account credentials.

A total of 47392 people have been affected, including 629 residents in Massachusetts, 346 in Texas, 346 in Maine, and at least 29 in Maine.

The severity of this breach is considerable, given the range and sensitivity of the data involved. The company posted a Notice of Data Security Incident on its website, and shortly thereafter, disclosed the data breach to the Attorney Generals' offices in California, Maine, Massachusetts, Vermont and Texas on Dec. 12, 2025.

Rockrose Development's response

In response to the breach, Rockrose Development immediately launched an investigation and engaged third-party cybersecurity experts to assist in determining the scope and impact of the incident. The company has taken steps to secure its systems and has implemented additional cybersecurity safeguards to prevent future incidents.

For individuals whose information may have been impacted, Rockrose is offering complimentary access to Experian IdentityWorks for 24 months.

If you believe your personal information may have been compromised in this breach:

• Carefully review any notice or communication you receive from Rockrose Development or a company that does business with Rockrose Development.
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.

For impacted individuals, the company has set up a dedicated call center at 833-931-3792, 8 a.m. to 8 p.m., ET, Monday through Friday.