Incransom, a threat actor, has stolen over 20 TB of data from Evolve Mortgage Services (formerly mrn3.com) in the United States, including 2 TB of sensitive databases containing client SSNs, IDs, addresses, contact details, and full credit histories since 2016, while the company refused to address the security breach and shown disregard for customer data safety. The leak exposes thousands of U.S. citizensβ personal and confidential PII, highlighting the companyβs neglect toward data privacy and security #UnitedStates
Incident Details
- Victim: Evolve Mortgage Services
- Country: US
- Actor: incransom
- Source: http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/68ff418ce1a4e4b3ff674713
- Discovered: 2025-10-30 03:22:46.484770
- Published: 2025-10-30 01:00:00.000000
Information
- Victim: Evolve Mortgage Services, previously known as mrn3.com
- Actor: incransom
- Stole over 20 TB of company data, including 2 TB of databases
- Refused to resolve the issue or ensure the security of customer data
- Indicated disinterest in data leaks or disclosures
- Possesses all client data from both companies since 2016
- Data includes SSN numbers, client ID scans, addresses, contact numbers, and full credit histories
- Contains personal and confidential PII forms for thousands of U.S. citizens
Disclaimer: This post is based on public claims made by the ransomware group "incransom". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.