AppFolio Data Breach Exposes Personal Information
What Happened?
AppFolio, Inc., a property management software company, recently confirmed a data breach involving a third-party vendor, Salesloft, which provides sales enablement software. On August 22, 2025, AppFolio learned that unauthorized access occurred between August 8 and August 18, 2025, allowing an unknown actor to retrieve data from AppFolio’s CRM system.
Once the company detected the issue, AppFolio immediately disabled all Salesloft integrations and launched an in-depth investigation. The investigation revealed that the attacker made data requests from a specific location that contained personal information. While AppFolio could not determine the exact data accessed, the company confirmed that the affected records may have included the names and Social Security numbers 5,056 Texas residents, 148 in Maine, 932 Massachusetts residents, 337 in Montana and 231 in New Hampshire.
When AppFolio Notified Impacted Individuals
On October 6, 2025, AppFolio began mailing data breach notification letters to impacted New Hampshire residents. The letters were sent in compliance with New Hampshire’s data breach law (N.H. Rev. Stat. Ann. § 359-C:20). Each affected person received details about the incident, along with an offer for one year of complimentary credit monitoring and identity protection services.
To assist victims, AppFolio also established a dedicated toll-free call center where individuals can ask questions and learn how to protect their information.
What AppFolio Is Doing to Prevent Future Breaches
In response to the incident, AppFolio has been working closely with Salesloft to ensure that stronger cybersecurity measures are implemented. These measures aim to prevent future unauthorized access and safeguard the sensitive data of customers and users across all platforms.
Steps You Can Take to Protect Your Information
If you received a notification from AppFolio, you should take the following steps immediately to secure your personal information:
1. Place a Fraud Alert
You can request a fraud alert from any of the three major credit bureaus—Equifax, Experian, or TransUnion. This alert makes it harder for identity thieves to open new accounts in your name.
2. Freeze Your Credit Report
A credit freeze (also known as a security freeze) prevents creditors from accessing your credit file. This action stops new credit accounts from being opened without your consent. Placing a freeze is free and can be done with each credit bureau:
- Equifax: PO Box 105788, Atlanta, GA 30348 — www.equifax.com
- Experian: PO Box 9554, Allen, TX 75013 — www.experian.com
- TransUnion: PO Box 160, Woodlyn, PA 19094 — www.transunion.com
Once your request is processed, you’ll receive a unique PIN or password to manage or lift your freeze later.
3. Monitor Your Accounts
Regularly review your bank, credit, and insurance statements for suspicious activity. If you notice unauthorized charges, report them to your financial institution right away.
Legal Help?
If your personal data was exposed in the AppFolio data breach, you have the right to explore your legal options.
A qualified data breach lawyer can help you understand your rights, determine whether you may be eligible for compensation, and guide you through the process of protecting your financial identity.
Contact us today for a free consultation to discuss your case with an experienced data breach attorney.