Plaza Home Mortgage Confirms Data Breach Following Ransomware Attack
Plaza Home Mortgage, a national mortgage lender based in Costa Mesa, California, has notified customers and employees of a data breach stemming from a ransomware attack earlier this year. The company, which operates nationwide and specializes in wholesale and correspondent lending, disclosed the incident on May 29, 2026, through third-party notice administrator Simpluris, Inc.
The breach appears linked to a February 27, 2026, attack claimed by the ransomware group SilentRansomGroup, which threatened to release sensitive data if ransom demands were not met. Initial reports suggested the compromise included employee records, user data, and third-party credentials, though the full scope remains unclear. While the February incident cited exposure for at least 54 users and 10 employees, the true number of affected individuals has not been publicly disclosed.
Plaza Home Mortgage, founded in 2000 with over 900 employees and nearly $280 million in annual revenue, handles highly sensitive financial data, including Social Security numbers, bank account details, and loan information. The breach places the company under regulatory scrutiny, particularly under the Gramm-Leach-Bliley Act (GLBA), which requires financial institutions to report breaches affecting 500 or more consumers to the FTC within 30 days. State-level laws, including California’s strict notification requirements, may also apply.
The three-month gap between the attack and official notification reflects the complexity of breach investigations, during which companies must assess the extent of exposure and identify affected parties. Simpluris, a firm specializing in breach response, is managing victim communications and remediation efforts. The incident may also trigger legal challenges, including potential class-action lawsuits, depending on whether the company’s security measures are deemed adequate.
Affected individuals have been directed to a dedicated portal for details on protective measures, though specific data exposed and remediation services offered remain undisclosed. The breach underscores the ongoing risks of ransomware attacks targeting financial institutions and the prolonged impact on victims.
Source: https://briefglance.com/articles/plaza-home-mortgage-confirms-data-breach-urges-action-from-victims
Plaza Home Mortgage TPRM report: https://www.rankiteo.com/company/plaza-home-mortgage
"id": "pla1780136871",
"linkid": "plaza-home-mortgage",
"type": "Ransomware",
"date": "5/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Financial Services',
'location': 'Costa Mesa, California, USA',
'name': 'Plaza Home Mortgage',
'size': '900+ employees, $280 million annual revenue',
'type': 'Mortgage Lender'}],
'customer_advisories': 'Dedicated portal for details on protective measures',
'data_breach': {'data_exfiltration': 'Threatened by ransomware group',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Employee records',
'User data',
'Third-party credentials',
'Social Security numbers',
'Bank account details',
'Loan information']},
'date_detected': '2026-02-27',
'date_publicly_disclosed': '2026-05-29',
'description': 'Plaza Home Mortgage, a national mortgage lender based in '
'Costa Mesa, California, has notified customers and employees '
'of a data breach stemming from a ransomware attack earlier '
'this year. The breach appears linked to a February 27, 2026, '
'attack claimed by the ransomware group SilentRansomGroup, '
'which threatened to release sensitive data if ransom demands '
'were not met. Initial reports suggested the compromise '
'included employee records, user data, and third-party '
'credentials. The breach places the company under regulatory '
'scrutiny, particularly under the Gramm-Leach-Bliley Act '
'(GLBA), and may trigger legal challenges, including potential '
'class-action lawsuits.',
'impact': {'brand_reputation_impact': 'Potential reputational damage',
'data_compromised': 'Employee records, user data, third-party '
'credentials, Social Security numbers, bank '
'account details, loan information',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential class-action lawsuits',
'payment_information_risk': 'High'},
'investigation_status': 'Ongoing',
'motivation': 'Financial gain',
'ransomware': {'data_exfiltration': 'Threatened',
'ransomware_strain': 'SilentRansomGroup'},
'references': [{'source': 'Simpluris, Inc. (third-party notice '
'administrator)'}],
'regulatory_compliance': {'legal_actions': 'Potential class-action lawsuits',
'regulations_violated': ['Gramm-Leach-Bliley Act '
'(GLBA)',
'California state breach '
'notification laws'],
'regulatory_notifications': 'FTC (if 500+ consumers '
'affected)'},
'response': {'communication_strategy': 'Dedicated portal for affected '
'individuals',
'third_party_assistance': 'Simpluris, Inc.'},
'threat_actor': 'SilentRansomGroup',
'title': 'Plaza Home Mortgage Data Breach Following Ransomware Attack',
'type': 'Ransomware'}