Towne Mortgage Company Hit by BlackByte Ransomware Attack, Exposing Sensitive Data
In June 2025, Towne Mortgage Company, a full-service mortgage lender operating in 44 states, suffered a ransomware attack by the cybercriminal group BlackByte. The breach was detected on June 7, 2025, and an investigation revealed that attackers may have exfiltrated personally identifiable information (PII) from the company’s network.
BlackByte claimed responsibility on July 30, 2025, posting details on the dark web and sharing sample data. Towne Mortgage officially disclosed the incident to the Massachusetts Attorney General’s office on November 14, 2025, notifying affected individuals.
Headquartered in Troy, Michigan, Towne Mortgage has been in operation since 1982, offering mortgage products including FHA, VA, RD, conventional, and jumbo loans while employing over 200 people. The firm specializes in serving communities often underserved by larger lenders.
Affected individuals were offered 24-month credit monitoring through Cyberscout, along with guidance on placing fraud alerts and security freezes on their credit reports. Legal representatives are investigating potential compensation claims for those impacted by the breach.
Source: https://www.claimdepot.com/investigations/towne-mortgage-data-breach-2025
Towne Mortgage Company cybersecurity rating report: https://www.rankiteo.com/company/towne-mortgage-company
"id": "TOW1767755891",
"linkid": "towne-mortgage-company",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Financial Services',
'location': 'Troy, Michigan, USA',
'name': 'Towne Mortgage Company',
'size': 'Over 200 employees',
'type': 'Mortgage Lender'}],
'customer_advisories': 'Notification letters sent to affected individuals '
'with steps to protect themselves',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Personally identifiable '
'information'},
'date_detected': '2025-06-07',
'date_publicly_disclosed': '2025-11-14',
'description': 'Towne Mortgage Company experienced a significant data breach '
'after falling victim to a ransomware attack by the group '
'BlackByte. Personal information may have been copied from the '
"company's network, and affected individuals may be eligible "
'for compensation.',
'impact': {'data_compromised': 'Sensitive personally identifiable information',
'identity_theft_risk': 'High'},
'initial_access_broker': {'data_sold_on_dark_web': 'Sample data posted on the '
'dark web'},
'investigation_status': 'Completed',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'BlackByte'},
'recommendations': ['Enroll in complimentary 24-month credit monitoring '
'service',
'Place a fraud alert on credit files',
'Consider placing a security freeze on credit reports',
'Obtain free credit reports and review for suspicious '
'activity',
'Monitor financial accounts and credit reports regularly'],
'references': [{'source': 'Shamis & Gentile P.A.'}],
'regulatory_compliance': {'regulatory_notifications': 'Disclosed to '
'Massachusetts Attorney '
"General's office"},
'response': {'communication_strategy': 'Notification letters to affected '
'individuals, disclosure to '
"Massachusetts Attorney General's "
'office',
'enhanced_monitoring': 'Complimentary 24-month credit monitoring '
'service provided by Cyberscout',
'third_party_assistance': 'Cybersecurity professionals'},
'threat_actor': 'BlackByte',
'title': 'Towne Mortgage Company Data Breach',
'type': 'Ransomware Attack'}