Yes, Union Home Mortgage experienced a significant data breach that exposed sensitive borrower information, and affected customers now have the opportunity to pursue compensation through class action litigation. The mortgage lender detected the breach on June 25, 2025, but didn’t discover that customer personal information had been accessed without authorization until August 26, 2025. Notification letters were sent to affected individuals on September 15, 2025, alerting them that their Social Security numbers, government-issued ID numbers, full dates of birth, passport numbers, and financial information had been compromised in a ransomware attack.
The breach has resulted in multiple class action lawsuits consolidated in the United States District Court for the Northern District of Ohio. The litigation targets Union Home Mortgage for negligence, negligence per se, breach of implied contract, and unjust enrichment. At least 24,160 Texas residents and 1,650 Washington state residents are documented as affected, though the total number of exposed individuals across all states could be significantly higher. Borrowers who received a breach notification letter or believe their information was compromised during this incident may be eligible to file a claim or join the existing litigation.
Table of Contents
- What Information Did Union Home Mortgage Expose in the Data Breach?
- How Large Is the Union Home Mortgage Data Breach and What’s the Geographic Reach?
- When Did Union Home Mortgage Detect the Breach and Notify Customers?
- What Legal Claims Are Being Pursued Against Union Home Mortgage?
- Did Union Home Mortgage Pay a Ransom and What Does That Mean for Affected Borrowers?
- What Should Affected Borrowers Do to Protect Themselves?
- What Developments Should Borrowers Expect in the Union Home Mortgage Litigation?
- Conclusion
What Information Did Union Home Mortgage Expose in the Data Breach?
The data breach exposed a comprehensive set of sensitive borrower information that could be used for identity theft and fraud. Compromised data included names, Social Security numbers, government-issued ID numbers (such as driver’s license or state ID numbers), full dates of birth, passport numbers, and financial and banking information. This combination of personal identifiers and financial data represents a particularly serious exposure for mortgage borrowers, who typically provide extensive documentation as part of the lending process. To understand the severity, consider that a cybercriminal with access to all of these data points has nearly everything needed to open fraudulent accounts, apply for credit, or commit identity theft.
Unlike a breach that exposes only a name and email address, this exposure includes the core elements needed to authenticate access to financial accounts and government services. Union Home Mortgage’s customer base—individuals in the process of purchasing homes or refinancing mortgages—are prime targets for fraud, as they’ve already demonstrated creditworthiness and access to significant funds. The fact that passport numbers were included in the exposure is particularly noteworthy, as it suggests the breach captured complete customer profiles including both domestic and international identification documents. Many borrowers may not realize they provided passport information to their mortgage lender, making this breach even more unexpected and potentially harmful.
How Large Is the Union Home Mortgage Data Breach and What’s the Geographic Reach?
The documented scale of the breach shows at least 25,810 affected individuals across two states alone: 24,160 Texans and 1,650 Washington state residents. These figures come from mandatory breach notifications filed with state attorneys general and represent only the minimum documented exposure. The actual number of affected borrowers could be substantially larger, as Union Home Mortgage operates nationwide and may have additional customers in states that do not publish specific breach notification counts or that aggregated the numbers differently.
The geographic concentration in Texas and Washington is likely due to Union Home Mortgage’s regional focus and customer distribution rather than an indication that only those states were affected. When a company operates across the United States and receives customer applications from borrowers nationwide, a breach typically affects customers from all 50 states. Individuals outside Texas and Washington who received breach notification letters from Union Home Mortgage are equally entitled to participate in the litigation and pursue compensation. The limitation of publicly reported numbers means many affected borrowers might not realize they’re part of the class action simply because their state didn’t publicize the incident as prominently.
When Did Union Home Mortgage Detect the Breach and Notify Customers?
Union Home Mortgage detected the data breach on June 25, 2025, but the timeline reveals a two-month gap before the company understood the true scope of the compromise. The company did not learn that customer personal information had been accessed without authorization until August 26, 2025, suggesting they initially detected suspicious activity but took significant time to investigate and confirm what data had actually been taken. Breach notification letters were finally sent to affected customers on September 15, 2025, providing formal notice of the exposure. This three-month timeline—from detection in June to customer notification in September—raises questions about the adequacy and speed of Union Home Mortgage’s incident response.
While investigation and notification do require time, a 12-week period from initial detection to customer notice is substantial. During this window, compromised data could have been actively used for fraud or circulated among criminal networks. The delay also means affected customers had no awareness of the breach for three months, preventing them from implementing protective measures like credit monitoring or fraud alerts during the most critical initial period. The September 15 notification date is important for affected borrowers’ legal claims, as it typically marks the beginning of statutes of limitation periods and notice requirements for participation in class action settlements. Anyone who received a breach notification letter on or around that date from Union Home Mortgage should preserve that correspondence, as it serves as proof of class membership.
What Legal Claims Are Being Pursued Against Union Home Mortgage?
The class action litigation in the United States District Court for the Northern District of Ohio advances four primary legal theories: negligence, negligence per se, breach of implied contract, and unjust enrichment. Negligence claims argue that Union Home Mortgage failed to implement reasonable security measures to protect customer data. Negligence per se claims rely on the company’s violation of specific data protection laws or regulations that establish a legal duty to safeguard personal information. A breach of implied contract claim suggests that by accepting customer information, Union Home Mortgage implicitly promised to protect that data with reasonable care. The unjust enrichment claims are based on the theory that Union Home Mortgage benefited from collecting and holding customer data while failing to protect it, and therefore should not profit from the breach.
This legal approach can be particularly valuable when specific damages are difficult to prove, as courts may award compensation based on the notion that the company was unjustly enriched by receiving customer information without adequately securing it. The company’s admissions made in response to a motion to dismiss strengthen these claims, as any statements Union Home Mortgage made in federal court can be used to establish liability. Consolidation in the Northern District of Ohio is significant because it centralizes all related lawsuits and prevents duplicative litigation. This consolidation benefits plaintiffs by providing consistent rulings and preventing the company from using conflicting court decisions in different jurisdictions to minimize liability. The federal venue also means the litigation is governed by federal evidence rules and civil procedure standards.
Did Union Home Mortgage Pay a Ransom and What Does That Mean for Affected Borrowers?
Union Home Mortgage paid a ransomware gang to obtain proof of deletion of the stolen data. The company claims that the ransomware gang provided documentation showing the compromised data was permanently deleted and not retained for resale or further exploitation. Since the ransom payment, the stolen data has not appeared on the dark web or in criminal marketplaces, which Union Home Mortgage cites as evidence the deletion was genuine. However, the decision to pay ransom carries significant limitations and risks that borrowers should understand. First, paying ransom perpetuates the ransomware ecosystem and incentivizes future attacks on other companies.
Second, there is no way to independently verify that a ransomware gang actually deleted data as promised—the company is relying on the attackers’ word, which is inherently untrustworthy. Third, law enforcement agencies generally discourage ransom payments precisely because they cannot be verified. The fact that no data has appeared on public dark web marketplaces is suggestive but not definitive proof of deletion; data could be retained in private criminal networks for later exploitation. The ransom payment does not eliminate the harm to affected borrowers, who still had their information stolen and exposed to unknown criminals for months. Their liability for identity theft and fraud remains unchanged regardless of whether the original thieves deleted the data or retained it. The incident still occurred, the data was still compromised, and the breach still warrants compensation for affected customers’ costs and risks.
What Should Affected Borrowers Do to Protect Themselves?
Borrowers who received a Union Home Mortgage breach notification letter should immediately place a fraud alert with the three major credit bureaus (Equifax, Experian, and TransUnion) by calling 1 out of the three bureaus and requesting they notify the other two. A fraud alert is free and instructs creditors to verify your identity before issuing new credit in your name. For more comprehensive protection, consider placing a credit freeze, which is also free and prevents any new credit from being opened without your explicit authorization.
Beyond fraud monitoring, affected borrowers should review their credit reports regularly (available free at annualcreditreport.com) and monitor financial accounts and Social Security Administration records for unauthorized activity. Given that the breach included full dates of birth, SSNs, and ID numbers, the risk for identity theft is substantial and ongoing. Some class action settlements related to data breaches include paid credit monitoring services as part of the settlement relief, so affected borrowers should monitor the litigation for any settlement announcements that might provide additional protective services. Consulting with an attorney about joining the class action or filing an individual claim can provide guidance on available remedies specific to your situation.
What Developments Should Borrowers Expect in the Union Home Mortgage Litigation?
Class action litigation typically progresses through several stages before any settlement or judgment is reached. The current consolidation in the Northern District of Ohio represents early-stage litigation where legal arguments about the validity of claims are ongoing. Over the coming months and years, the parties will engage in discovery, where both sides exchange documents and information. Motions on liability may be decided, potentially narrowing the scope of claims or ruling on whether Union Home Mortgage’s conduct was indeed negligent.
Settlement discussions often occur either before or after key court rulings. If a settlement is reached, affected borrowers will receive notice and information about how to submit a claim to receive compensation. The amount of compensation varies widely depending on the settlement and can include cash payments, reimbursement for documented losses (such as identity theft expenses), and paid credit monitoring services. Borrowers who received breach notification letters should monitor the case updates through the official class action website or by consulting with the law firm handling the litigation to ensure they don’t miss deadlines for claims submission.
Conclusion
Union Home Mortgage’s data breach exposed sensitive borrower information including Social Security numbers, government-issued IDs, birthdates, passport numbers, and financial details to cybercriminals for several months before notification occurred. The class action litigation consolidating multiple lawsuits in the United States District Court for the Northern District of Ohio pursues claims for negligence, negligence per se, breach of implied contract, and unjust enrichment, with documented exposure to at least 25,810 customers across Texas and Washington, though the total affected population is likely much larger.
Affected borrowers should act now to protect themselves against identity theft by placing fraud alerts or credit freezes and monitoring their credit reports for unauthorized activity. Those who received breach notification letters from Union Home Mortgage should monitor the litigation for settlement announcements and understand that compensation may be available through the class action process. Consulting with an attorney about eligibility and filing deadlines can ensure borrowers don’t miss opportunities to seek redress for the company’s failure to adequately protect their personal information.
You Might Also Like
- Oracle Data Breach Litigation Claims Customer Information Was Exposed
- Essen Medical Associates Data Breach Settlement Claims Patient Information Was Exposed
- Complete Payroll Solutions Data Breach Settlement Claims Employee Information Was Exposed
Open Settlements You Can Claim Now
Browse current class action settlements accepting claims — several require no proof of purchase: