AmeriCU Mortgage
Company Details
Linkedin ID:
americu-mortgage
Website:
Employees number:
49
Number of followers:
372
NAICS:
52
Industry Type:
Homepage:
americu.com
IP Addresses:
0
Company ID:
AME_2012785
Scan Status:
In-progress
AmeriCU Mortgage Company CyberSecurity Posture
americu.com
Since 1993 AmeriCU Mortgage has been recognized as a leading provider of mortgage services to Credit Union members nationwide. We offer competitive mortgage products to meet the specific needs of your members in our rapidly changing marketplace. AmeriCU strives to provide superior member service, as well as innovative marketing and compliance support to our credit union partners through a variety of relationship options. AmeriCU Mortgage is a privately held mortgage banking company, providing residential mortgage financing through the Federal National Mortgage Association (FNMA), the Federal Home Loan Mortgage Corporation (FHLMC), the Government National Mortgage Association (GNMA) and other private investors. AmeriCU is a division of Towne Mortgage Company. Programs available only to qualified borrowers. Programs subject to change without notice. Underwriting terms and conditions apply. Some restrictions apply.The information provided on this website is for the dissemination to and for the use of real estate and financial business entities only and is not an advertisement for the extension of credit to consumers. Towne’s AZ License #: 0942579, Towne’s CA License #: 41DBO-45117. Licensed by the Department of Financial Protection and Innovation (DFPI) under the California Residential Mortgage Lending Act. GA License #: 12701. IL License #: MB.6760710. Towne’s MA Mortgage Lender License #ML3028. Rhode Island Licensed Lender. Licensed by the N.J. Department of Banking and Insurance. Licensed to originate loans in AZ, CA, CT, MA, NE, NV, UT, VT under Towne Mortgage Company only. Link to http://nmlsconsumeraccess.org Corporate disclosures: https://www.americu.com/disclosures/ Privacy policy: https://www.americu.com/privacy-policy/ State licensing: https://www.americu.com/licensing/
AmeriCU Mortgage A.I CyberSecurity Scoring
AmeriCU Mortgage Risk Score (AI oriented)Between 600 and 649
AmeriCU Mortgage
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
AmeriCU Mortgage Global Score (TPRM)XXXX
AmeriCU Mortgage
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
AmeriCU Mortgage Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
Towne Mortgage Company
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: Towne Mortgage Company, a full-service mortgage lender operating since 1982, suffered a **ransomware attack** in **June 2025** by the **BlackByte** group. The breach exposed **sensitive personally identifiable information (PII)** of customers, with evidence of data being copied from the company’s network. BlackByte later **claimed responsibility on the dark web** in July 2025, even releasing sample data. The incident was formally disclosed to the **Massachusetts Attorney General’s office** in November 2025. The breach impacted individuals across **44 states**, where Towne Mortgage originates loans, and **47 states**, where it services them. Affected parties were notified and offered **24-month credit monitoring**, with warnings of potential **identity theft, fraud, and financial harm**. Legal firms are investigating the incident for **compensation claims**, indicating severe reputational and financial risks for the company and its customers. The attack disrupted trust in Towne Mortgage’s ability to safeguard customer data, with long-term consequences for its operations and customer retention. The exposure of PII—such as financial and personal details—heightens risks of **fraudulent activity, phishing, and unauthorized account access** for victims.
Towne Mortgage Company
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: Towne Mortgage Company, a full-service mortgage lender, suffered a **ransomware attack** by the **BlackByte ransomware group**, leading to a **major data breach**. Unauthorized access to the company’s network was detected on **June 7, 2025**, and a forensic investigation later confirmed that **customer data files were copied** from its systems. The breach was publicly disclosed on **November 14, 2025**, after BlackByte published **sample stolen data** on its dark web portal on **July 30, 2025**, heightening risks of **identity theft and fraud**.The compromised data included **personal information of customers**, exposing them to potential financial and reputational harm. In response, Towne Mortgage offered **24-month credit monitoring, fraud alerts, and security freeze guidance** to affected individuals. The attack underscores the severe consequences of ransomware-driven breaches, where **data exfiltration and extortion** compound the damage beyond mere encryption.The incident highlights the **criminal intent** behind the attack, with the threat actor actively **leaking sensitive data** to pressure the company. Customers were advised to monitor financial accounts and credit reports for unauthorized activity, reflecting the **long-term risks** posed by such breaches.
AmeriCU Mortgage Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for AmeriCU Mortgage
Incidents vs Financial Services Industry Average (This Year)
AmeriCU Mortgage has 31.58% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
AmeriCU Mortgage has 56.25% more incidents than the average of all companies with at least one recorded incident.
Incident Types AmeriCU Mortgage vs Financial Services Industry Avg (This Year)
AmeriCU Mortgage reported 1 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — AmeriCU Mortgage (X = Date, Y = Severity)
AmeriCU Mortgage cyber incidents detection timeline including parent company and subsidiaries
AmeriCU Mortgage Company Subsidiaries
Since 1993 AmeriCU Mortgage has been recognized as a leading provider of mortgage services to Credit Union members nationwide. We offer competitive mortgage products to meet the specific needs of your members in our rapidly changing marketplace. AmeriCU strives to provide superior member service, as well as innovative marketing and compliance support to our credit union partners through a variety of relationship options. AmeriCU Mortgage is a privately held mortgage banking company, providing residential mortgage financing through the Federal National Mortgage Association (FNMA), the Federal Home Loan Mortgage Corporation (FHLMC), the Government National Mortgage Association (GNMA) and other private investors. AmeriCU is a division of Towne Mortgage Company. Programs available only to qualified borrowers. Programs subject to change without notice. Underwriting terms and conditions apply. Some restrictions apply.The information provided on this website is for the dissemination to and for the use of real estate and financial business entities only and is not an advertisement for the extension of credit to consumers. Towne’s AZ License #: 0942579, Towne’s CA License #: 41DBO-45117. Licensed by the Department of Financial Protection and Innovation (DFPI) under the California Residential Mortgage Lending Act. GA License #: 12701. IL License #: MB.6760710. Towne’s MA Mortgage Lender License #ML3028. Rhode Island Licensed Lender. Licensed by the N.J. Department of Banking and Insurance. Licensed to originate loans in AZ, CA, CT, MA, NE, NV, UT, VT under Towne Mortgage Company only. Link to http://nmlsconsumeraccess.org Corporate disclosures: https://www.americu.com/disclosures/ Privacy policy: https://www.americu.com/privacy-policy/ State licensing: https://www.americu.com/licensing/
Loading...
AmeriCU Mortgage Similar Companies
Standard Bank Group
As a brand with a legacy of over 160 years in Africa, we have a deep understanding and belief in the boundless opportunities that this continent presents. Our vision extends beyond mere geography; it encompasses a profound recognition of the potential for growth that resonates within our people, cus
Franklin Templeton
Franklin Resources, Inc. [NYSE:BEN] is a global investment management organization with subsidiaries operating as Franklin Templeton (www.franklinresources.com). The products, services, information and materials referenced in this site may not be available to residents in certain jurisdictions. Co
Northern Trust
As a global leader in innovative wealth management, asset servicing and investment solutions, Northern Trust (Nasdaq: NTRS) is proud to guide the world’s most successful individuals, families and institutions by remaining true to our enduring principles of service, expertise and integrity. A global
Transamerica
Longer lifespans are changing the way we exist. Instead of the traditional stages of learn, work, and retire, we now have the potential for a more fulfilling, multi-stage life. With this opportunity comes the need to plan for it. We enable financial professionals, brokers, agents, advisors, and empl
ICE (NYSE: ICE) connects people to data, technology and expertise that create opportunity and inspire innovation. For terms of use, visit www.ice.co
Bank of America Merrill Lynch
From local communities to global markets, we are dedicated to shaping the future responsibly and helping clients thrive in a changing world. “Bank of America Merrill Lynch” is the marketing name for the global banking and global markets businesses of Bank of America Corporation. Bank of America is
MUFG
MUFG (Mitsubishi UFJ Financial Group) is one of the world's leading financial groups. Headquartered in Tokyo and with over 360 years of history, MUFG has a global network with over 2,100 locations in more than 40 markets including the Americas, Europe, the Middle East and Africa, Asia and Oceania. T
Sahara India Pariwar
Sahara India was founded in 1978 and now has book value of gross assets of more than USD 63 billion. Today, the Sahara Group is a major business conglomerate in India with diversified business interest including financial services, housing finance, mutual funds, life insurance, City development, rea
BBVA en México
Bienvenido a la página oficial del Banco BBVA Bancomer. Institución financiera de México desde 1932. Es una empresa filial de Banco Bilbao Vizcaya Argentaria (BBVA), uno de los grupos financieros líderes en Europa y considerado entre uno de los más grandes de la Zona Euro. El Grupo trabaja por un f
.png)
AmeriCU Mortgage CyberSecurity News
December 04, 2025 12:45 PM
Wealthy North Americans Confident On Economy; Cybersecurity Scares Them – Chubb
A report from one of the largest US insurance groups delves into what HNW citizens fret about, what they are insuring and how confident they...
December 04, 2025 12:19 PM
Cyber Security as a Service Market - Key Players, Capability Assessment & M&A Indicators
Press release - Research Nester Pvt Ltd - Cyber Security as a Service Market - Key Players, Capability Assessment & M&A Indicators...
December 04, 2025 12:15 PM
Saudi Cybersecurity Startup COGNNA Raises $9.2M for Global Expansion
COGNNA, a Saudi AI-led cybersecurity company, is building an Agentic SOC designed to anticipate threats in real time — and it now has fresh...
December 04, 2025 12:00 PM
Rising holiday scams are costing consumers. Here's how to protect your wallet
Cybersecurity expert Eric O'Neill warns that scammers are using AI to personalize holiday attacks with cloned voices and fake delivery...
December 04, 2025 12:00 PM
Brighton Marine Appoints Adam Hellman as Chief Operating Officer, Cybersecurity Leader Stanley F. Lowe as Chief Information Officer
BOSTON, December 04, 2025--Brighton Marine today announced the promotion of Adam Hellman, its general counsel, to chief operating officer.
December 04, 2025 11:31 AM
Orange sounds alarm on cybersecurity crisis
Orange Cyberdefense warned that cybercrime is converging with geopolitics, demanding a rethink of how to respond to digital threats.
December 04, 2025 11:30 AM
This is why specialised hiring in cybersecurity is on the rise in India
As Indian enterprises accelerate digital transformation, the demand for specialised cybersecurity professionals has risen at a remarkable...
December 04, 2025 10:56 AM
Cybersecurity workforce study finds budget constraints stabilising, but skills shortages worsening
ISC2 report reveals how staff and budget cuts are increasing perceived security risk, while rapid AI adoption is reshaping skills...
December 04, 2025 10:55 AM
Exclusive | Cybersecurity Startup 7AI Raises $130 Million in Series A Funding
Agentic AI company closes bumper early-stage round as investors pour funds into AI market.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
AmeriCU Mortgage CyberSecurity History Information
Official Website of AmeriCU Mortgage
The official website of AmeriCU Mortgage is http://www.americu.com.
AmeriCU Mortgage’s AI-Generated Cybersecurity Score
According to Rankiteo, AmeriCU Mortgage’s AI-generated cybersecurity score is 642, reflecting their Poor security posture.
How many security badges does AmeriCU Mortgage’ have ?
According to Rankiteo, AmeriCU Mortgage currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does AmeriCU Mortgage have SOC 2 Type 1 certification ?
According to Rankiteo, AmeriCU Mortgage is not certified under SOC 2 Type 1.
Does AmeriCU Mortgage have SOC 2 Type 2 certification ?
According to Rankiteo, AmeriCU Mortgage does not hold a SOC 2 Type 2 certification.
Does AmeriCU Mortgage comply with GDPR ?
According to Rankiteo, AmeriCU Mortgage is not listed as GDPR compliant.
Does AmeriCU Mortgage have PCI DSS certification ?
According to Rankiteo, AmeriCU Mortgage does not currently maintain PCI DSS compliance.
Does AmeriCU Mortgage comply with HIPAA ?
According to Rankiteo, AmeriCU Mortgage is not compliant with HIPAA regulations.
Does AmeriCU Mortgage have ISO 27001 certification ?
According to Rankiteo,AmeriCU Mortgage is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of AmeriCU Mortgage
AmeriCU Mortgage operates primarily in the Financial Services industry.
Number of Employees at AmeriCU Mortgage
AmeriCU Mortgage employs approximately 49 people worldwide.
Subsidiaries Owned by AmeriCU Mortgage
AmeriCU Mortgage presently has no subsidiaries across any sectors.
AmeriCU Mortgage’s LinkedIn Followers
AmeriCU Mortgage’s official LinkedIn profile has approximately 372 followers.
NAICS Classification of AmeriCU Mortgage
AmeriCU Mortgage is classified under the NAICS code 52, which corresponds to Finance and Insurance.
AmeriCU Mortgage’s Presence on Crunchbase
No, AmeriCU Mortgage does not have a profile on Crunchbase.
AmeriCU Mortgage’s Presence on LinkedIn
Yes, AmeriCU Mortgage maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/americu-mortgage.
Cybersecurity Incidents Involving AmeriCU Mortgage
As of December 04, 2025, Rankiteo reports that AmeriCU Mortgage has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
AmeriCU Mortgage has an estimated 29,885 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at AmeriCU Mortgage ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does AmeriCU Mortgage detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with cyberscout (transunion), and remediation measures with forensic investigation, remediation measures with manual review of compromised data, and recovery measures with notification to affected individuals, recovery measures with 24-month credit monitoring (cyberscout), recovery measures with single bureau credit reports, recovery measures with credit score services, recovery measures with fraud assistance and guidance, and communication strategy with notification letters to affected individuals, communication strategy with public disclosure to massachusetts attorney general, communication strategy with advisories on credit monitoring enrollment (90-day window), communication strategy with guidance on fraud alerts/security freezes with equifax, experian, and transunion, and and and communication strategy with notification letters sent to affected individuals; public disclosure via massachusetts attorney general's office; offer of 24-month credit monitoring (cyberscout)...
Incident Details
Can you provide details on each incident ?
Title: Towne Mortgage Company Ransomware Attack and Data Breach
Description: Full-service mortgage lender Towne Mortgage Company disclosed a major data breach following a ransomware attack by the BlackByte group. Unauthorized access was detected on June 7, 2025, with sample customer data published on the dark web on July 30, 2025. The breach was publicly disclosed on November 14, 2025, after a forensic investigation confirmed that files containing customer data may have been copied. Affected individuals were notified and offered 24-month credit monitoring and fraud assistance services.
Date Detected: 2025-06-07
Date Publicly Disclosed: 2025-11-14
Type: ransomware
Threat Actor: BlackByte ransomware group
Motivation: financial gaindata theft
Title: Towne Mortgage Company Data Breach and Ransomware Attack (2025)
Description: Towne Mortgage Company, a full-service mortgage lender operating since 1982, experienced a significant ransomware attack in June 2025 by the BlackByte group. The breach resulted in the potential exposure of sensitive personally identifiable information (PII) of customers. The incident was first detected on June 7, 2025, and publicly disclosed by BlackByte on July 30, 2025, with sample data posted on the dark web. Towne Mortgage formally notified the Massachusetts Attorney General's office on November 14, 2025. Affected individuals were offered 24-month credit monitoring services and advised to take steps to protect their identities.
Date Detected: 2025-06-07
Date Publicly Disclosed: 2025-07-30
Type: Data Breach
Attack Vector: Ransomware (BlackByte)
Threat Actor: BlackByte
Motivation: Financial (likely ransom demand and/or data theft for resale)
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : ransomware AME1192511111525
Brand Reputation Impact: high (potential identity theft and fraud risks)
Identity Theft Risk: high
Incident : Data Breach AME3692536111525
Brand Reputation Impact: High (potential loss of trust among customers, especially in communities relying on their services)
Legal Liabilities: Potential (class action lawsuits and regulatory scrutiny)
Identity Theft Risk: High (PII exposed)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, , Personally Identifiable Information (Pii) and .
Which entities were affected by each incident ?
Incident : ransomware AME1192511111525
Entity Name: Towne Mortgage Company
Entity Type: private company
Industry: mortgage lending
Incident : Data Breach AME3692536111525
Entity Name: Towne Mortgage Company
Entity Type: Private Company
Industry: Financial Services (Mortgage Lending)
Location: Troy, Michigan, USA
Size: 200+ employees
Response to the Incidents
What measures were taken in response to each incident ?
Incident : ransomware AME1192511111525
Incident Response Plan Activated: True
Third Party Assistance: Cyberscout (Transunion).
Remediation Measures: forensic investigationmanual review of compromised data
Recovery Measures: notification to affected individuals24-month credit monitoring (Cyberscout)single bureau credit reportscredit score servicesfraud assistance and guidance
Communication Strategy: notification letters to affected individualspublic disclosure to Massachusetts Attorney Generaladvisories on credit monitoring enrollment (90-day window)guidance on fraud alerts/security freezes with Equifax, Experian, and TransUnion
Incident : Data Breach AME3692536111525
Incident Response Plan Activated: True
Communication Strategy: Notification letters sent to affected individuals; public disclosure via Massachusetts Attorney General's office; offer of 24-month credit monitoring (Cyberscout).
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Cyberscout (TransUnion), , .
Data Breach Information
What type of data was compromised in each breach ?
Incident : ransomware AME1192511111525
Type of Data Compromised: Personal information
Sensitivity of Data: high (potential for identity theft/fraud)
Data Encryption: True
Incident : Data Breach AME3692536111525
Type of Data Compromised: Personally identifiable information (pii)
Sensitivity of Data: High
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: forensic investigation, manual review of compromised data, .
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : ransomware AME1192511111525
Ransomware Strain: BlackByte
Data Encryption: True
Data Exfiltration: True
Incident : Data Breach AME3692536111525
Ransomware Strain: BlackByte
Data Encryption: True
Data Exfiltration: True
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through notification to affected individuals, 24-month credit monitoring (Cyberscout), single bureau credit reports, credit score services, fraud assistance and guidance, .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : ransomware AME1192511111525
Regulatory Notifications: Massachusetts Attorney General
Incident : Data Breach AME3692536111525
Legal Actions: Potential class action lawsuits (investigation ongoing by Shamis & Gentile P.A.)
Regulatory Notifications: Massachusetts Attorney General's office (notified on 2025-11-14)
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Potential class action lawsuits (investigation ongoing by Shamis & Gentile P.A.).
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : Data Breach AME3692536111525
Recommendations: Enroll in the provided 24-month credit monitoring service (Cyberscout)., Place a fraud alert on credit files via Equifax, Experian, or TransUnion., Consider placing a security freeze on credit reports., Regularly monitor financial accounts and credit reports for suspicious activity., Review free credit reports from all three bureaus for errors or unauthorized activity.Enroll in the provided 24-month credit monitoring service (Cyberscout)., Place a fraud alert on credit files via Equifax, Experian, or TransUnion., Consider placing a security freeze on credit reports., Regularly monitor financial accounts and credit reports for suspicious activity., Review free credit reports from all three bureaus for errors or unauthorized activity.Enroll in the provided 24-month credit monitoring service (Cyberscout)., Place a fraud alert on credit files via Equifax, Experian, or TransUnion., Consider placing a security freeze on credit reports., Regularly monitor financial accounts and credit reports for suspicious activity., Review free credit reports from all three bureaus for errors or unauthorized activity.Enroll in the provided 24-month credit monitoring service (Cyberscout)., Place a fraud alert on credit files via Equifax, Experian, or TransUnion., Consider placing a security freeze on credit reports., Regularly monitor financial accounts and credit reports for suspicious activity., Review free credit reports from all three bureaus for errors or unauthorized activity.Enroll in the provided 24-month credit monitoring service (Cyberscout)., Place a fraud alert on credit files via Equifax, Experian, or TransUnion., Consider placing a security freeze on credit reports., Regularly monitor financial accounts and credit reports for suspicious activity., Review free credit reports from all three bureaus for errors or unauthorized activity.
References
Where can I find more information about each incident ?
Incident : Data Breach AME3692536111525
Source: Shamis & Gentile P.A. Investigation Notice
Incident : Data Breach AME3692536111525
Source: Massachusetts Attorney General's Office Disclosure
Date Accessed: 2025-11-14
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Shamis & Gentile P.A. Investigation Notice, and Source: Massachusetts Attorney General's Office DisclosureDate Accessed: 2025-11-14, and Source: BlackByte Dark Web PostDate Accessed: 2025-07-30.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : ransomware AME1192511111525
Investigation Status: completed (forensic investigation and manual review conducted)
Incident : Data Breach AME3692536111525
Investigation Status: Ongoing (class action investigation by Shamis & Gentile P.A.)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notification Letters To Affected Individuals, Public Disclosure To Massachusetts Attorney General, Advisories On Credit Monitoring Enrollment (90-Day Window), Guidance On Fraud Alerts/Security Freezes With Equifax, Experian, And Transunion and Notification letters sent to affected individuals; public disclosure via Massachusetts Attorney General's office; offer of 24-month credit monitoring (Cyberscout)..
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : ransomware AME1192511111525
Stakeholder Advisories: Credit Monitoring Enrollment (Within 90 Days), Fraud Alert/Security Freeze Guidance, Regular Review Of Financial Statements And Credit Reports.
Customer Advisories: enroll in 24-month credit monitoring via Cyberscoutplace fraud alerts/security freezes with credit bureausmonitor financial accounts for unauthorized activity
Incident : Data Breach AME3692536111525
Customer Advisories: Notification letters with enrollment instructions for credit monitoring (Cyberscout).Guidance on placing fraud alerts and security freezes.Advice to monitor financial accounts and credit reports.
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Credit Monitoring Enrollment (Within 90 Days), Fraud Alert/Security Freeze Guidance, Regular Review Of Financial Statements And Credit Reports, Enroll In 24-Month Credit Monitoring Via Cyberscout, Place Fraud Alerts/Security Freezes With Credit Bureaus, Monitor Financial Accounts For Unauthorized Activity, , Notification Letters With Enrollment Instructions For Credit Monitoring (Cyberscout)., Guidance On Placing Fraud Alerts And Security Freezes., Advice To Monitor Financial Accounts And Credit Reports. and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : ransomware AME1192511111525
High Value Targets: Customer Personal Data,
Data Sold on Dark Web: Customer Personal Data,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : ransomware AME1192511111525
Corrective Actions: Credit Monitoring Services For Affected Individuals, Fraud Prevention Guidance,
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Cyberscout (Transunion), , .
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Credit Monitoring Services For Affected Individuals, Fraud Prevention Guidance, .
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an BlackByte ransomware group and BlackByte.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025-06-07.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-07-30.
Impact of the Incidents
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was cyberscout (transunion), , .
Data Breach Information
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Potential class action lawsuits (investigation ongoing by Shamis & Gentile P.A.).
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Place a fraud alert on credit files via Equifax, Experian, or TransUnion., Regularly monitor financial accounts and credit reports for suspicious activity., Enroll in the provided 24-month credit monitoring service (Cyberscout)., Review free credit reports from all three bureaus for errors or unauthorized activity. and Consider placing a security freeze on credit reports..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Shamis & Gentile P.A. Investigation Notice, Massachusetts Attorney General's Office Disclosure and BlackByte Dark Web Post.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is completed (forensic investigation and manual review conducted).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was credit monitoring enrollment (within 90 days), fraud alert/security freeze guidance, regular review of financial statements and credit reports, .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an enroll in 24-month credit monitoring via Cyberscoutplace fraud alerts/security freezes with credit bureausmonitor financial accounts for unauthorized activity and Notification letters with enrollment instructions for credit monitoring (Cyberscout).Guidance on placing fraud alerts and security freezes.Advice to monitor financial accounts and credit reports.
.png)
Latest Global CVEs (Not Company-Specific)
Description
MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8.
Risk Information
cvss3
Base: 6.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Description
XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.
Description
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.
Description
Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in the authentication flow. This vulnerability is fixed in 5.9.8.
Risk Information
cvss4
Base: 9.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of Service. Small numbers go through this call stack: NativeNumber.numTo > DToA.JS_dtostr > DToA.JS_dtoa > DToA.pow5mult where pow5mult attempts to raise 5 to a ridiculous power. This vulnerability is fixed in 1.8.1, 1.7.15.1, and 1.7.14.1.
Risk Information
cvss4
Base: 5.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=americu-mortgage' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
