HYTORC Division of UNEX Corporation: HYTORC Data Breach Exposes Social Security numbers

HYTORC Division of UNEX Corporation Hit by Qilin Ransomware Attack, Exposing PII

HYTORC Division of UNEX Corporation, a leading manufacturer of industrial bolting tools, disclosed a data security breach on February 5, 2026, after the Qilin ransomware group claimed responsibility for the attack. The incident, first reported to the Massachusetts Office of Consumer Affairs and Business Regulation, initially affected four Massachusetts residents, though the full nationwide impact remains unspecified.

The breach occurred on November 24, 2025, when Qilin infiltrated HYTORC’s systems, exfiltrated data, and deployed ransomware. The group threatened to leak or sell the stolen information if demands were not met. Compromised data included Social Security numbers and other personally identifiable information (PII).

In response, HYTORC notified affected individuals and authorities, offering 24 months of complimentary identity protection services through Cyberscout (a TransUnion company), including credit monitoring, dark web surveillance, and a $1 million identity fraud reimbursement policy. Enrollment is available until May 5, 2026. The company also provided guidance on placing credit freezes and fraud alerts with Equifax, Experian, and TransUnion.

The incident underscores the ongoing threat of ransomware attacks targeting industrial and manufacturing sectors, with attackers increasingly leveraging stolen PII for extortion.

Source: https://www.claimdepot.com/data-breach/hytorc-2026

HYTORC cybersecurity rating report: https://www.rankiteo.com/company/hytorc-division-unex-corporation

"id": "HYT1770409233",
"linkid": "hytorc-division-unex-corporation",
"type": "Ransomware",
"date": "11/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'At least 4 (initially reported '
                                              'in Massachusetts)',
                        'industry': 'Industrial bolting tools',
                        'location': 'United States',
                        'name': 'HYTORC Division of UNEX Corporation',
                        'type': 'Manufacturer'}],
 'customer_advisories': 'Offered 24 months of complimentary identity '
                        'protection services through Cyberscout, including '
                        'credit monitoring, dark web surveillance, and a $1 '
                        'million identity fraud reimbursement policy. '
                        'Enrollment available until May 5, 2026.',
 'data_breach': {'data_encryption': True,
                 'data_exfiltration': True,
                 'personally_identifiable_information': 'Social Security '
                                                        'numbers, other PII',
                 'sensitivity_of_data': 'High (Social Security numbers)',
                 'type_of_data_compromised': 'Personally Identifiable '
                                             'Information (PII)'},
 'date_detected': '2025-11-24',
 'date_publicly_disclosed': '2026-02-05',
 'description': 'HYTORC Division of UNEX Corporation, a leading manufacturer '
                'of industrial bolting tools, disclosed a data security breach '
                'after the Qilin ransomware group claimed responsibility for '
                'the attack. The breach exposed Social Security numbers and '
                'other personally identifiable information (PII). The incident '
                'was reported to the Massachusetts Office of Consumer Affairs '
                'and Business Regulation, initially affecting four '
                'Massachusetts residents, though the full nationwide impact '
                'remains unspecified.',
 'impact': {'data_compromised': 'Social Security numbers and other personally '
                                'identifiable information (PII)',
            'identity_theft_risk': 'High'},
 'lessons_learned': 'The incident underscores the ongoing threat of ransomware '
                    'attacks targeting industrial and manufacturing sectors, '
                    'with attackers increasingly leveraging stolen PII for '
                    'extortion.',
 'motivation': 'Extortion',
 'ransomware': {'data_encryption': True,
                'data_exfiltration': True,
                'ransomware_strain': 'Qilin'},
 'recommendations': 'Affected individuals were advised to place credit freezes '
                    'and fraud alerts with Equifax, Experian, and TransUnion. '
                    'Organizations should enhance monitoring and response '
                    'strategies for ransomware threats.',
 'references': [{'source': 'Massachusetts Office of Consumer Affairs and '
                           'Business Regulation'}],
 'regulatory_compliance': {'regulatory_notifications': 'Massachusetts Office '
                                                       'of Consumer Affairs '
                                                       'and Business '
                                                       'Regulation'},
 'response': {'communication_strategy': 'Notification to affected individuals '
                                        'and authorities, offering identity '
                                        'protection services',
              'third_party_assistance': 'Cyberscout (a TransUnion company)'},
 'threat_actor': 'Qilin ransomware group',
 'title': 'HYTORC Division of UNEX Corporation Hit by Qilin Ransomware Attack, '
          'Exposing PII',
 'type': 'Ransomware'}

HYTORC Division of UNEX Corporation: HYTORC Data Breach Exposes Social Security numbers

DocketWise: DocketWise Data Breach Lawsuit Investigation

Trivy and European Commission: European Commission breach exposed data of 30 EU entities, CERT-EU says

XTIUM: XTIUM Named in Unverified Dark Web Breach Claim by “The_Auditors”