InterTech Group Hit by Akira Ransomware Attack, Exposing 17GB of Sensitive Data
The InterTech Group, Inc., a private holding company based in North Charleston, South Carolina, suffered a data breach after the Akira ransomware group claimed responsibility for the attack on November 19, 2025. The cybercriminals posted details on the Tor network, revealing they had exfiltrated 17 GB of data, including highly sensitive personal and corporate information.
The stolen data encompassed employee records Social Security numbers, passports, driver’s licenses, Mexican IDs, phone numbers, addresses, and emails as well as relatives’ personal information. Additionally, the breach exposed confidential company documents, such as financial records, contracts, nondisclosure agreements, and client data.
The Massachusetts Office of Consumer Affairs and Business Regulation confirmed the breach was disclosed to regulators on February 28, 2026, with 43 Massachusetts residents affected. While the exposed data included personally identifiable information (PII), such as driver’s licenses and Social Security numbers, no protected health information (PHI) was reported.
In response, InterTech Group notified impacted individuals and offered 24 months of complimentary credit monitoring and identity protection services through Kroll. The company provided enrollment instructions and advised affected parties to monitor their credit reports and financial accounts for suspicious activity. Akira, known for data exfiltration and ransom demands, has previously targeted organizations across multiple sectors.
Source: https://www.claimdepot.com/data-breach/intertech-2026
NPG Security Services cybersecurity rating report: https://www.rankiteo.com/company/intertech-group-inc.
"id": "INT1772490694",
"linkid": "intertech-group-inc.",
"type": "Ransomware",
"date": "11/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': '43 Massachusetts residents',
'location': 'North Charleston, South Carolina',
'name': 'InterTech Group, Inc.',
'type': 'Private holding company'}],
'customer_advisories': 'Advised affected parties to monitor credit reports '
'and financial accounts for suspicious activity',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': ['Social Security '
'numbers',
'Passports',
'Driver’s licenses',
'Mexican IDs',
'Phone numbers',
'Addresses',
'Emails'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Employee records',
'Financial records',
'Contracts',
'Nondisclosure agreements',
'Client data']},
'date_detected': '2025-11-19',
'date_publicly_disclosed': '2026-02-28',
'description': 'The InterTech Group, Inc. suffered a data breach after the '
'Akira ransomware group claimed responsibility for the attack, '
'exposing 17GB of sensitive data including employee records, '
'financial documents, and client data.',
'impact': {'data_compromised': '17 GB', 'identity_theft_risk': 'High'},
'motivation': 'Data exfiltration and ransom demands',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Akira'},
'references': [{'source': 'Tor network (Akira ransomware group)'},
{'source': 'Massachusetts Office of Consumer Affairs and '
'Business Regulation'}],
'regulatory_compliance': {'regulatory_notifications': 'Disclosed to '
'Massachusetts Office '
'of Consumer Affairs '
'and Business '
'Regulation'},
'response': {'communication_strategy': 'Notified impacted individuals, '
'offered credit monitoring and '
'identity protection services',
'third_party_assistance': 'Kroll (credit monitoring and identity '
'protection services)'},
'threat_actor': 'Akira ransomware group',
'title': 'InterTech Group Hit by Akira Ransomware Attack',
'type': 'Ransomware'}