US Mortgage Corp Data Breach Exposes Social Security Numbers

Melville based, US Mortgage Corporation, has disclosed a data breach involving ransomware beginning on May 13, 2025, when an unauthorized third party gained access to a portion of the company’s computer network and was detected on May 14, 2025.

In the aftermath, the ransomware group known as SAFEPAY claimed responsibility for the attack and posted on the dark web on May 29, 2025, alleging that they had obtained 80 GB of the organization’s data. The attack was listed as a ransomware incident on their Tor network dark web site.

An investigation revealed that the files accessed by the attackers contained a range of sensitive information such as names, contact information, government identification numbers (including Social Security numbers and driver’s license numbers), dates of birth and financial account information (such as mortgage account details).

In addition, some files contained limited protected health information (PHI) like medical or insurance information.

The total number of impacted individuals nationwide has not been disclosed but four New Hampshire residents have been affected.

In response to the attack, US Mortgage Corporation engaged cybersecurity experts to investigate and contain the incident. The company restored files from backups, reset passwords, rebuilt affected systems in a clean environment, and implemented additional technical safeguards to strengthen its security posture.

The company also retained a data-review firm to analyze the compromised files and determine whose information was affected. After receiving the results in October 2025, US Mortgage Corporation worked to locate current addresses for impacted individuals and began mailing notification letters on March 5, 2026.

For those whose Social Security or driver’s license numbers were impacted, US Mortgage Corporation is providing complimentary credit monitoring and identity theft protection services through Experian IdentityWorks.