Plaza Home Mortgage over the weekend confirmed it notified 137,976 people of a February 2026 data breach that compromised the following personal info:
- Names
- Social Security numbers
- Info related to mortgage loan applications and servicing
- Government-issued IDs (e.g. driver’s licenses)
- Addresses
- Birth dates
A cybercriminal gang called Silent Ransom Group took credit for the breach on March 22, 2026.
Plaza has not acknowledged Silent’s claim and Comparitech cannot independently verify its authenticity. We do not know if Plaza paid a ransom, how much Silent demanded, or how attackers breached Plaza’s network. Comparitech contacted Plaza for comment and will update this article if it replies.
“Plaza Home Mortgage, Inc. experienced a security incident involving unauthorized access to one employee’s computer on or around February 17, 2026. Threat actors illegally accessed our information systems without permission,” says Plaza’s notice to breach victims.
“Based on our investigation about this issue, an unauthorized party may have obtained some of your personal information.”
Plaza is offering breach victims 12 months of free credit monitoring through CyEx.
Who is Silent Ransom Group?
Silent Ransom Group, formerly called LeakedData, is a ransomware group that first surfaced in December 2024. It mostly targets US financial and legal businesses. Its malware does not encrypt files, instead relying on data theft and extortion.
Silent has claimed responsibility for 95 data breaches in total. Of those, 20 were confirmed by the organizations targeted.
Aside from Plaza, Silent has taken credit for four other data breaches this year:
- Hawaii Employers’ Mutual Insurance reported a data breach in February 2026
- Singleton Schreiber notified 232 people of a February 2026 data breach
- Jones Day reported a March 2026 data breach for which Silent demanded $13 million
- Weil, Gotshal & Manges refused to pay Silent a $20 million ransom after a data breach earlier this year
Ransomware attacks on US finance
Comparitech researchers have logged 10 confirmed ransomware attacks on US financial firms in 2026 to date. The resulting data breaches compromised 304,000 records.
Silent’s attack on Plaza is the second largest such breach this year by number of records compromised. The largest hit Beacon Mutual Insurance Company, which notified 162,439 people of a January 2026 data breach claimed by INC.
Last year, we recorded 70 ransomware attacks on US finance companies, which compromised more than 2 million records.
Other such recently confirmed ransomware attacks include:
- American Lending Center notified 123,158 people of a July 2025 ransomware attack
- US Tiger Securities notified 26,985 people of a July 2025 ransomware attack
- Industrial Acceptance Corporation notified 79,216 people of a February 2025 data breach claimed by INC
- IMA Diligence Services notified 525,306 people of a December 2025 data breach claimed by Genesis
Ransomware attacks on financial firms can both steal data and lock down computer systems. Once infected, the attacker then demands a ransom to delete stolen data and restore systems. Companies that refuse to pay can face extended downtime, permanent data loss, and putting customers at increased risk of fraud.
About Plaza Home Mortgage
Founded in San Diego, CA in 2000, Plaza Home Mortgage is a wholesale and correspondent mortgage lender.