Anywhere Real Estate Data Breach Exposes Employee Information

Anywhere Real Estate is the real estate industry’s latest data breach victim. The firm discovered that there had been a cybersecurity incident impacting its Oracle E-Business Suite (EBS) environment in late November.

The breach was officially disclosed to attorneys general in Maine, New Hampshire, Texas and Vermont, as well as the Massachusetts Office of Consumer Affairs and Business Regulation in early February. According to these disclosures, the incident impacted 17,429 individuals, including 1,487 in Texas, 658 in Massachusetts, 151 in New Hampshire and 69 in Maine. 

Additionally, the disclosures note that the incident impacted individuals associated with Anywhere, Cartus, National Realty Trust, Title Resources Group and Real Estate Franchise Group. 

“Late last year, Oracle disclosed a global software vulnerability. Following a thorough review, we identified limited impact, which ultimately allowed access to historical employee data. Impacted individuals were notified directly and offered complimentary credit monitoring and identity protection services. We took immediate steps to secure our systems and prevent further risk,” an Anywhere spokesperson wrote in an emailed statement.

Ransomware group CL0P has claimed responsibility for the attack, in which an intruder gained access to Anywhere’s Oracle EBS environment and downloaded sensitive data, including information about franchisees and brokers, as well as current and former employees. This personal information included names, addresses, contact information, dates of birth, Social Security numbers and basic job details. CL0P threatened to release this information if their demands were not met. 

The company told HousingWire that there was no impact to business operations and no consumer transaction data was involved in the breach. 

In a notice letter sent to impacted individuals in late 2025, Anywhere said it has worked closely with Oracle and other cybersecurity experts to contain the threat and address vulnerabilities. Anywhere is providing two years of complimentary credit monitoring and identity protection services through Experian IdentityWorks to impacted individuals. 

“Protecting personal information remains a top priority, and we continue to apply industry-leading security measures to safeguard data,” the spokesperson added.