PacRes Mortgage Discloses Data Breach Following Ransomware Attack

On February 10, 2025, Pacific Residential Mortgage, LLC (PacRes Mortgage) experienced a ransomware attack that compromised sensitive consumer data. The incident involved cybercriminals from the ransomware group known as LYNX, who gained unauthorized access to the company's systems, locking down critical data and demanding ransom.

The LYNX ransomware group publicly posted about the attack on February 24, 2025, on their dark web portal, claiming responsibility and providing sample screenshots of the stolen data.

According to the company's investigation, the cybercriminals accessed personally identifiable information (PII) belonging to customers. The exposed data includes names, addresses, dates of birth, Social Security numbers, driver's license numbers, and financial account information.

The breach affected an undisclosed number of individuals, and due to the sensitive nature of the exposed information—including Social Security numbers and financial details—the incident is considered severe.

The company officially disclosed the breach to the California Attorney General's office on March 27, 2025, the Massachusetts AG's office the next day on the 28th, and the New Hampshire AG's office on April 4th.

A total of 35,525 Americans have been affected.

Pacific Residential Mortgage's response

PacRes Mortgage hired a cybersecurity firm to secure their systems and conduct a comprehensive investigation. The affected systems were quickly restored from backups, and law enforcement authorities were notified of the incident. The forensic investigation determined that the cybercriminals accessed and potentially obtained sensitive consumer information.

In response to the breach, PacRes Mortgage is providing affected individuals with complimentary Single Bureau Credit Monitoring services for twelve months. These services offer alerts whenever changes occur to an individual's credit file, helping to detect and respond quickly to potential fraudulent activities.

Additionally, PacRes Mortgage has partnered with Cyberscout, a TransUnion company specializing in fraud assistance and remediation services, to offer proactive fraud assistance to affected customers.

Affected individuals are encouraged to enroll in the credit monitoring service within 90 days from the date of the notification letter. Enrollment instructions and a unique activation code are provided in the notice sent to consumers. For more information on identity theft protection, consumers can visit the Federal Trade Commission's identity theft resource.

Consumers affected by this breach should remain vigilant, regularly monitor their financial accounts and credit reports, and promptly report any suspicious activity or suspected misuse of personal information. Individuals can also consider placing fraud alerts or security freezes on their credit reports through the three major credit bureaus: Equifax, Experian, and TransUnion.

The full Notice to Consumers provided by PacRes Mortgage is available at the bottom of this page in PDF format.

For more information, visit the official PacRes Mortgage website.