Income Property Management Data Breach Exposes Sensitive Personal Information
Shamis & Gentile P.A., a class action law firm specializing in data breach cases, is investigating a cybersecurity incident involving Income Property Management Co. (IPM), a property management firm based in Oregon.
Founded in 1974 by Jeff Reingold in Eugene, IPM expanded to Portland in 1984 and manages residential and commercial properties across Oregon and southwest Washington. The company, currently headquartered in Portland, is relocating to Tigard, Oregon.
The Breach
On December 22, 2024, IPM detected unauthorized activity on its network. After engaging an IT security firm, the company confirmed that an unauthorized actor exfiltrated files on or around January 29, 2025. A subsequent review, completed on December 4, 2025, revealed that the compromised files contained personally identifiable information (PII).
Exposed Data
The breach potentially exposed a range of sensitive details, including:
- Driver’s license numbers
- Alien registration numbers
- Health insurance providers and ID numbers
- Dates of birth
- Social Security numbers
- Medical conditions
- Passport numbers
Affected individuals may be eligible for compensation under laws protecting victims of data breaches caused by corporate security failures. Legal representatives are reviewing cases to determine eligibility for claims.
Source: https://www.claimdepot.com/investigations/income-property-management-co-data-breach-2026
IPM cybersecurity rating report: https://www.rankiteo.com/company/ipm-co-
"id": "IPM1774888993",
"linkid": "ipm-co-",
"type": "Breach",
"date": "1/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Real Estate',
'location': 'Oregon, USA',
'name': 'Income Property Management Co. (IPM)',
'type': 'Property Management Firm'}],
'data_breach': {'data_exfiltration': 'Confirmed on or around January 29, 2025',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Driver’s license numbers',
'Alien registration numbers',
'Health insurance providers and '
'ID numbers',
'Dates of birth',
'Social Security numbers',
'Medical conditions',
'Passport numbers']},
'date_detected': '2024-12-22',
'description': 'Shamis & Gentile P.A. is investigating a cybersecurity '
'incident involving Income Property Management Co. (IPM), '
'where unauthorized activity led to the exfiltration of files '
'containing personally identifiable information (PII).',
'impact': {'data_compromised': 'Personally identifiable information (PII)',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential compensation claims under data '
'breach laws'},
'investigation_status': 'Ongoing',
'references': [{'source': 'Shamis & Gentile P.A.'}],
'regulatory_compliance': {'legal_actions': 'Potential class action lawsuits'},
'response': {'third_party_assistance': 'IT security firm engaged'},
'title': 'Income Property Management Data Breach Exposes Sensitive Personal '
'Information',
'type': 'Data Breach'}