JRK Property Holdings Hit by Ransomware Attack, Exposing Sensitive Customer Data
JRK Property Holdings, a Los Angeles-based real estate investment firm specializing in multifamily and hospitality assets, confirmed a data breach after detecting suspicious network activity on March 26, 2026. The company launched an investigation with cybersecurity experts, determining by April 22, 2026, that an unauthorized party had accessed files containing personally identifiable information (PII).
The breach was attributed to The Gentlemen, a ransomware group that claimed responsibility and threatened to leak stolen data on the dark web. Affected individuals began receiving notification letters on May 5, 2026.
Exposed data includes:
- Names
- Addresses
- Social Security numbers
- Dates of birth
- Financial account details
Class action law firm Shamis & Gentile P.A. is investigating the incident, citing potential legal recourse for impacted individuals under data breach protection laws. The firm is reviewing claims for compensation related to the exposure of sensitive information.
Source: https://www.claimdepot.com/investigations/jrk-property-holdings-data-breach-2026
JRK Property Holdings cybersecurity rating report: https://www.rankiteo.com/company/jrk-property-holdings
"id": "JRK1778611537",
"linkid": "jrk-property-holdings",
"type": "Ransomware",
"date": "5/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown',
'industry': 'Real Estate, Hospitality',
'location': 'Los Angeles, USA',
'name': 'JRK Property Holdings',
'type': 'Real estate investment firm'}],
'customer_advisories': 'Notification letters sent to affected individuals on '
'May 5, 2026',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Addresses',
'Social Security numbers',
'Dates of birth',
'Financial account details']},
'date_detected': '2026-03-26',
'date_publicly_disclosed': '2026-04-22',
'description': 'JRK Property Holdings, a Los Angeles-based real estate '
'investment firm, confirmed a data breach after detecting '
'suspicious network activity. The breach exposed personally '
'identifiable information (PII) of customers, including names, '
'addresses, Social Security numbers, dates of birth, and '
"financial account details. The ransomware group 'The "
"Gentlemen' claimed responsibility and threatened to leak "
'stolen data on the dark web.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'data breach',
'data_compromised': 'Personally identifiable information (PII), '
'Financial account details',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential legal actions under data breach '
'protection laws',
'payment_information_risk': 'High'},
'initial_access_broker': {'data_sold_on_dark_web': 'Threatened'},
'investigation_status': 'Ongoing',
'motivation': 'Financial gain, Data extortion',
'ransomware': {'data_exfiltration': 'Yes',
'ransomware_strain': 'The Gentlemen'},
'references': [{'source': 'Class action law firm Shamis & Gentile P.A.'}],
'regulatory_compliance': {'legal_actions': 'Class action investigation by '
'Shamis & Gentile P.A.',
'regulations_violated': 'Potential violations of '
'data breach protection '
'laws'},
'response': {'communication_strategy': 'Notification letters sent to affected '
'individuals on May 5, 2026',
'incident_response_plan_activated': 'Yes',
'third_party_assistance': 'Cybersecurity experts'},
'threat_actor': 'The Gentlemen',
'title': 'JRK Property Holdings Ransomware Attack and Data Breach',
'type': 'Ransomware, Data Breach'}