Optima Tax Relief, a prominent U.S. tax resolution firm, was recently targeted by the Chaos ransomware group in a significant cyberattack. The incident resulted in the theft and public leak of approximately 69 GB of sensitive data, which included both corporate documents and detailed customer case files.
The attack employed double-extortion tactics: the Chaos group not only encrypted Optima’s internal servers—presumably to hold them for ransom—but also exfiltrated sensitive data before threatening to release it publicly. The leaked information contains highly sensitive personal data such as Social Security numbers, home addresses, phone numbers, and other personally identifiable information (PII), which are particularly valuable for identity theft and financial fraud.
Key Details
• Type of Attack: Double-extortion ransomware (data theft and server encryption).
• Data Stolen: 69 GB, including corporate and customer files with sensitive PII.
• Information at Risk: Social Security numbers, addresses, phone numbers, tax documents, and potentially financial disclosures.
• Impact: The breach exposes affected individuals to heightened risk of identity theft, fraud, and social engineering attacks. The stolen data can be used for years to fuel secondary fraudulent activities.
• Company Response: As of the latest reports, Optima Tax Relief has not issued an official public statement, nor has it notified affected customers or relevant government authorities.
• Chaos Ransomware Group is a relatively new ransomware operation, distinct from the older “Chaos ransomware builder.” The group has claimed several victims since its emergence in March of this year, including the Salvation Army.
