Optimum First Mortgage Data Breach: 9.3TB Compromised

Optimum First Mortgage, a mortgage lender headquartered in Huntington Beach, California, has been claimed as a victim of a ransomware attack. Founded in 2009, Optimum First Mortgage operates in 15 states: Arizona, California, Colorado, Florida, Idaho, Illinois, Ohio, Oklahoma, Oregon, Pennsylvania, South Carolina, Tennessee, Texas, Virginia and Washington.

On June 19, 2026, a threat group known as PEAR posted on the dark web that it had obtained 9.3 terabytes of the company's data, reportedly including clients' personal and financial information. The claimed data spans a wide range of categories affecting both clients and employees of the company.

According to the dark web posting, the compromised data reportedly includes financials, human resources records, clients' private data and financial details, personally identifiable information (PII) and protected health information (PHI) records, mailboxes and email correspondence, database exports and OneDrive stored data.

The exact dates when the unauthorized access began and when the company became aware of the intrusion have not been publicly disclosed. The claims made by the PEAR group have not been independently confirmed at this time.

The total number of individuals potentially affected remains undisclosed.

Optimum First Mortgage's response to the breach

As of June 25, 2026, no public statement from Optimum First Mortgage regarding the incident has been made. It is not known whether the company has begun notifying affected individuals, contacted law enforcement or engaged a cybersecurity firm to investigate the attack.

Individuals who believe they may have been affected should remain vigilant by reviewing bank statements for any inconsistencies and reaching out directly to Optimum First Mortgage for additional information.