HackerFeeds
All ransomware incidents
themortgagefirm.com

Ransomware group clop hits THEMORTGAGEFIRM.COM

CRITICAL
·Financial Services·US·2026-02-14

THEMORTGAGEFIRM.COM — a financial services target operating in US has been listed by the clop ransomware group on 2026-02-14. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.

Incident Report

Target OrganizationTHEMORTGAGEFIRM.COM
Threat Group
clop
Summary[AI generated] TheMortageFirm.com is a digital platform for The Mortgage Firm, Inc., a provider of mortgage finance services. Founded in 1995 and headquartered in Altamonte Springs, Florida, this company offers direct residential lending services to clients. Services include home loans, refinancing, and loan consultation. The online platform allows clients to apply for loans, make payments, and access information about mortgage processes.
Date of Breach2026-02-14
Discovery Date2026-02-14
RegionUS
Target DomainTHEMORTGAGEFIRM.COM
Business SectorFinancial Services
Severity
CRITICAL

Claim by clop

[AI generated] TheMortageFirm.com is a digital platform for The Mortgage Firm, Inc., a provider of mortgage finance services. Founded in 1995 and headquartered in Altamonte Springs, Florida, this company offers direct residential lending services to clients. Services include home loans, refinancing, and loan consultation. The online platform allows clients to apply for loans, make payments, and access information about mortgage processes.

Posted by the clop threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.

Sources

Victim website

THEMORTGAGEFIRM.COM

Leak post (onion / Tor)

tor

http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion/themortgagefirm-com

Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.

Disclaimer

HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.