Ransomware victim disclosure
← All victimsNew American Funding
Claimed by Everest · listed 1 year ago
Status timeline
- ListedJul 15, 2025
- Data leakeddate unknown
At a glance
- Group
- Everest
- Status
- Data leaked
- Country
- United States
- Sector
- Financial Services
- Listed on leak site
- Jul 15, 2025
About the victim
AI dossier — public-source company profileNew American Funding is a family-owned mortgage lender operating nationwide since 2003. They specialize in FHA, VA, HARP, and conventional home loans, emphasizing efficient processes, technology innovation, and equal housing opportunity compliance.
- Industry
- Mortgage Lending & Financial Services
- Founded
- 2003
Attack summary
Severity: high — Mortgage lender with nationwide customer base; data_published status confirms exfiltration. Mortgage applicants' PII, credit information, and financial records represent regulated sensitive data at scale, despite lack of explicit proof count in excerpt.Everest ransomware group claims to have compromised New American Funding and published data. No specific details on encryption, exfiltration scope, or data categories are provided in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- customer personal information
- mortgage application records
- financial data
Original description
AI-summarised, not from the leak postNew American Funding is a family-owned mortgage lender with a nationwide presence. Since its founding in 2003, the firm has been dedicated to helping Americans finance their homes. They offer a variety of loans including FHA, VA, HARP, and Conventional loans. The company is known for its efficient processes, exceptional service, innovative use of technology, and strong commitment to providing equal housing opportunities.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

