Home
>
Data Breach>Impac Mortgage

Impac Mortgage Holdings Data Breach Exposes Social Security Numbers for 61k

Published
April 18, 2026
Updated
May 7, 2026
Impac Mortgage Holdings Data Breach Exposes Social Security Numbers for 61k
Impac Mortgage
Affected by the data breach? You may be entitled to compensation. Submit a claim today.

Irvine, California based Impac Mortgage Holdings disclosed a data breach involving unauthorized access to its computer systems that affected a total of 61,066 individuals, including 1,431 residents of Texas, 1,206 of Washington, 182 of Indiana, 29 of Massachusetts and 18 of New Hampshire.

On March 20, 2024, Impac Mortgage Holdings identified signs of potential unauthorized access to its computer systems. The company launched an investigation to determine the nature and scope of the event.

Working alongside third-party professionals, the company determined that an unknown actor may have gained access to certain files and folders containing protected information, including names, addresses, and Social Security numbers.

The unauthorized access took place during a roughly four-week window between Feb. 21, 2024, and March 20, 2024. The company completed its review and began sending notification letters in late March 2026, roughly two years after the unauthorized access was first detected.

The breach was reported to attorneys general in California, Indiana, Maine, Massachusetts, New Hampshire, Oregon, Texas, Vermont and Washington. The company began sending written notifications to affected individuals on March 27, 2026.

Impac Mortgage Holdings' response

Impac Mortgage Holdings is offering affected individuals 12 months of free credit monitoring services through Cyberscout, a TransUnion company. The monitoring package includes single bureau credit monitoring, a single bureau credit report and a single bureau credit score.

Affected individuals are not automatically enrolled in the credit monitoring services and must sign up on their own. To enroll, they can visit the Cyberscout activation page and enter the unique code included in their notification letter.

For questions about the breach or the credit monitoring offer, affected individuals can call the dedicated response line at 833-877-5456, Monday through Friday, 8:00 a.m. to 8:00 p.m. EST, excluding holidays.

SUBMIT YOUR CLAIM TO THE LAW FIRM HANDLING THIS INVESTIGATION

Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info
  • Affected information types not yet disclosed

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Sources

Disclosures

Breach Summary

Affected Entity
Impac Mortgage
Consumers Notification date
March 27, 2026
Date of Breach
February 21, 2024
Breach Discovered Date
March 20, 2024
Total People Affected
61066
Information Types Exposed
  • Name of individual
  • Address
  • Social Security Number Information
  • Name
  • Social Security Number
  • Social Security number
  • name
  • social security numbers

Data Breach Settlements

Flagstar Bank $31.5M Data Breach Class Action Settlement
Thompson Coburn $7,500,000 Data Breach Settlement
Esse Health $2.53M Data Breach Class Action Settlement
LA Financial Federal Credit Union $725K Data Breach Settlement
Fitzgerald Wealth Management Data Breach Settlement
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image

What to Read Next

FRCC Data Breach: Social Security Numbers Exposed
May 15, 2026
FRCC Data Breach: Social Security Numbers Exposed
Hemic Data Breach: Social Security Numbers Exposed
May 15, 2026
Hemic Data Breach: Social Security Numbers Exposed
Bonick Landscaping Data Breach Exposes Personal and Medical Details
May 15, 2026
Bonick Landscaping Data Breach Exposes Personal and Medical Details
Totem Lake Dentistry Breach Exposes PHI and PII
May 15, 2026
Totem Lake Dentistry Breach Exposes PHI and PII