Optimum First Mortgage Listed by pear Ransomware Group
Providing fast and reliable mortgage solutions, including home purchases and refinancing options
On June 15, 2026, the pear Ransomware Group added Optimum First Mortgage to its public leak site, confirming that internal files had been exfiltrated from the mortgage lender during a ransomware attack. Customers who used the company for home purchases or refinancing may have had sensitive personal and financial documents exposed.
Confirmed Facts from Reporting
Public reporting indicates the incident stems from a ransomware deployment at Optimum First Mortgage, a firm that offers home purchase and refinancing services. The pear Ransomware Group listed the company on its dark-web leak page on June 15, 2026, stating that internal files had been stolen. Exact victim counts remain undisclosed, and the precise volume or types of records taken have not been independently verified. Available reporting describes the exposed material as internal files, which in similar incidents often include customer loan applications, Social Security numbers, bank details, tax forms, and internal correspondence.
Why This Matters for You and Your Family
If you or anyone in your household has worked with Optimum First Mortgage, your private financial information could now sit on a criminal marketplace. Mortgage records typically contain names, addresses, dates of birth, Social Security numbers, employment history, income figures, bank account numbers, and loan details. Once this data reaches the wrong hands, it can fuel identity theft, fraudulent loan applications, or unauthorized access to your existing accounts. Your family’s exposure does not end at one company; a single breach like this often becomes the starting point for broader targeting that can affect credit scores, tax filings, and even children’s records years later.
The Doxxing and Identity-Chain Implications
Stolen mortgage files rarely stay isolated. Attackers routinely cross-reference names and addresses with usernames, email addresses, phone numbers, and gaming handles found in other leaks. This creates an identity chain that links your real-world identity to online accounts. Public reporting shows these chains frequently lead to doxxing, where personal details are published alongside family photos, children’s names, or school information. Credential leaks of this nature also cascade into account takeovers, especially for gaming platforms where children often reuse email addresses or passwords. A compromise at a mortgage company can therefore place both adult and children’s gaming accounts at risk of hijacking and further data exposure.
Pear Ransomware Group’s Track Record
Public reporting attributes the pear Ransomware Group with emerging in late 2024. The group has listed dozens of organizations on its leak site, focusing primarily on small and mid-sized businesses across the United States. Its typical playbook involves initial access through phishing or exploited remote desktop protocols, followed by data exfiltration before encryption. The group then demands payment and, upon non-payment, publishes samples or full datasets on its onion site to pressure victims. Reporting notes that pear’s extortion style relies on public shaming and the implicit threat that stolen data will be sold or repurposed by other criminals.
What to do
- Run a DoxxScan to map every link between your emails, phone numbers, handles, and real identity so you can see exactly what chains exist from this breach.
- Rotate the password used at Optimum First Mortgage anywhere it is reused and enable 2FA through an authenticator app rather than text messages.
- Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next leak exposing you or your family is caught in hours, not months.
- Cover the household with DoxxScan family coverage that extends to dependents and children’s gaming accounts that often chain back to the same addresses and emails.
- Let remediation specialists handle takedown requests across data brokers and exposed profiles while you focus on securing your own accounts.
The Optimum First Mortgage listing on the pear leak site is a reminder that your family’s financial history can surface on criminal forums without warning. Taking concrete steps now limits how far attackers can travel down the identity chain. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4 billion breach records and more than 100 platforms, AI-powered identity-chain mapping, and hands-on remediation by specialists, with household coverage that includes children’s gaming accounts. Start your DoxxScan trial today to gain visibility and control before the next wave of misuse begins.
Related breaches
Edge Solutions | Stone Ridge Payments Listed by akira Ransomware Group
Edge Solutions is dedicated to leveraging technology to create a better world. With a focus on inte…
Silvestri & Associates Insurance Listed by play Ransomware Group
United States…
Preneed Funeral Programs Listed by play Ransomware Group
United States…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →