A threat actor has claimed responsibility for an alleged breach involving Hillpointe, a US-based housing development company, with employee and applicant information purportedly exposed online.
According to a forum post published on May 22, the actor claims the alleged breach resulted in the compromise of 81 CSV files totaling approximately 319 MB. The dataset allegedly contains employee records, applicant information, and customer-related data tied to Hillpointe operations.
The claim was published by the same threat actor previously linked to alleged breaches involving Reltio, Peet’s Coffee, Happipad, ReferralRock, and VentureYours.
Employee and hiring records allegedly included
According to the listing, the allegedly exposed data includes:
- Full names
- Email addresses
- Phone numbers
- Residential addresses
- Employment-related information
- Interview question and answer submissions
- Applicant records
The actor also reportedly shared sample records containing personally identifiable information allegedly tied to employees and job applicants.
BreachNews is not reproducing the exposed records due to the sensitivity of the alleged data.
Real estate sector increasingly targeted
The claim adds to a growing number of alleged breaches targeting organizations operating in the real estate, housing, and property management sectors.
Over the past week alone, the same threat actor has claimed intrusions involving multiple platforms tied to housing services, customer management systems, and hospitality-related operations.
While the authenticity of the Hillpointe dataset has not been independently verified, the repeated publication of structured CSV archives and accompanying sample records may indicate ongoing access to vulnerable business platforms or exposed databases.
At time of publication, Hillpointe had not issued any public statement regarding the claims.
BreachNews has not independently verified the alleged breach or confirmed whether Hillpointe systems were compromised.
Repeated breach claims raise credibility questions
The Hillpointe claim is part of a growing stream of alleged breaches posted by the same forum account, which has published dozens of database and access claims since late 2024.
Over the past week alone, the account has claimed breaches involving ReferralRock, VentureYours, Peet’s Coffee, Happipad, Reltio, and multiple additional organizations across the real estate, technology, hospitality, and education sectors.
While several listings have included structured CSV files and sample records that appear internally consistent, none of the organizations tied to the recent campaign have publicly confirmed the alleged intrusions at time of publication.
