Mortgage Officer Email Privacy Breach: Former Stockton Loan Officers Sue Company
A concerning legal battle is unfolding involving two former mortgage officers from Stockton Mortgage, raising serious questions about employee privacy and the extent of employer monitoring. Christopher and Ashley Hoehn, a married couple who previously worked at Stockton’s Huntsville, Alabama office, have filed a lawsuit alleging the company illegally accessed their personal Gmail accounts and subsequently published private emails as part of a separate legal dispute.
The Allegations
According to court documents filed on March 18th in the US District Court for the Northern District of Alabama, Ashley joined Stockton in May 2024, followed by Christopher in November 2024. Both served as loan officers until their departure on September 22, 2025. The couple claims that beginning in August 2025, Stockton and unnamed individuals utilized forensic tools to repeatedly access their personal Gmail accounts, extracting private emails containing sensitive financial information.
What’s particularly alarming is the assertion that this access continued even after their employment ended and company-issued laptops were returned. The lawsuit alleges that these private communications, including details about Christopher Hoehn’s salary and a personal loan, were included as exhibits in a separate lawsuit Stockton filed against the Hoehns and other former employees – and were made publicly available on a court docket without redaction.
Evidence Presented
The Hoehns point to metadata within the emails as key evidence supporting their claims. Specifically, they highlight an “Event Date” stamp – a field not typically present in standard Gmail communications but commonly generated by forensic investigation software. Three dates appear consistently across the exhibits: August 26, September 8, and September 23, 2025, with the last date occurring just one day after their departure from Stockton.
Further raising concerns, data from Ashley Hoehn’s Gmail account reportedly shows access from a Windows computer on November 1, 2025 – over a month after she left Stockton and after both laptops were supposedly returned. Notably, Ashley states she does not own a Windows computer.
Stockton’s Response
Stockton, through its legal counsel, vehemently denies any unauthorized access to the Hoehns’ personal accounts. The company maintains that the emails were obtained through a Data Loss Prevention (DLP) service implemented on company-issued devices. Furthermore, Stockton claims the laptops weren’t returned until December 24, 2025, a timeline disputed by the Hoehns, who assert evidence indicates Stockton possessed the devices by October 30th at the latest.
The Employee Handbook and Monitoring Policies
The lawsuit highlights a critical point regarding company policy. The employee handbook, signed by both Christopher and Ashley Hoehn, explicitly stated that Stockton could monitor its own equipment and communications systems. However, it contained no mention of monitoring personal accounts hosted by third-party providers like Google. This omission forms a central argument in the Hoehns’ case.
Implications for the Mortgage Industry
This case raises crucial questions for mortgage companies and employers across all industries: How far can an employer legally go when investigating departing employees, particularly mortgage officers who handle sensitive financial information? Where does the legitimate protection of company interests end, and an employee’s right to personal digital privacy begin? The case also underscores the importance of clear and comprehensive policies regarding employee monitoring and data security.
As the case remains in its early stages, no court ruling has been made on the merits. However, it’s a developing situation that warrants close attention from anyone involved in the mortgage industry and those concerned about digital privacy rights. For more information on data privacy laws, you can visit the Federal Trade Commission’s website.
