Canadian scientific consulting service, JASCO Applied Sciences, has started notifying US residents of a data breach following a cyber attack that started in July 2025. Ransomware gang Rhysida claimed the attack in October, issuing a 10 bitcoin ransom demand (USD $1.22 million/CAD $1.71 million) to delete the stolen data.
According to JASCO’s data breach notification, unauthorized access to its systems was discovered on July 21, 2025. It states that, at the time, it had “no reason to believe that any personal information was involved.” But, “on or around October
20, 2025, we became aware that some personal information had been acquired.”
The breach impacted employees with the data including:
Names and contact information (including emergency contacts)
Date of birth, nationality, and marital status
Bank account numbers
Social Security numbers, US I-9 verification information, and tax information
Driver’s license numbers
Health card numbers
Passport information
So far, 66 US residents have been informed of the attack.
In its proof pack, Rhysida included various screenshots of identity documents. JASCO hasn’t commented on Rhysida’s claims, whether or not a ransom was demanded and/or paid, or how hackers infiltrated its systems. We have contacted the company for more information and will update this article if we receive a response.
Who is Rhysida?
Rhysida is thought to have ties to the ransomware group Vice Society and first originated in May 2023. Since then, we ha
TPRM report: https://www.rankiteo.com/company/jasco-applied-sciences
"id": "jas1764259630.13906",
"linkid": "jasco-applied-sciences",
"type": "Ransomware",
"date": "2025-07-21T00:00:00.000Z",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': '66 US residents',
'industry': 'Scientific Consulting',
'location': 'Canada',
'name': 'JASCO Applied Sciences',
'size': None,
'type': 'Private Company'}],
'customer_advisories': 'Data breach notifications sent to 66 '
'affected US residents',
'data_breach': {'data_encryption': None,
'data_exfiltration': 'Confirmed (screenshots of '
'identity documents '
'published by Rhysida)',
'file_types_exposed': ['Identity documents '
'(screenshots)',
'Employment records (I-9, '
'tax info)'],
'number_of_records_exposed': '66 (US residents)',
'personally_identifiable_information': 'Yes '
'(names, '
'SSNs, '
'driver’s '
'licenses, '
'passports, '
'health '
'cards, '
'etc.)',
'sensitivity_of_data': 'High (includes SSNs, '
'bank details, passports, '
'health cards)',
'type_of_data_compromised': ['Personally '
'Identifiable '
'Information (PII)',
'Financial Data',
'Health Information',
'Government-Issued '
'IDs',
'Employment '
'Records']},
'date_detected': '2025-07-21',
'date_publicly_disclosed': '2025-10-20',
'description': 'Canadian scientific consulting service JASCO '
'Applied Sciences suffered a cyber attack '
'starting in July 2025, leading to a data breach '
'affecting US residents. The Rhysida ransomware '
'gang claimed responsibility in October 2025, '
'demanding a 10 bitcoin ransom (USD $1.22 '
'million/CAD $1.71 million) to delete stolen '
'data. Personal information of 66 US residents, '
'including names, contact details, financial '
'data, SSNs, and health records, was compromised.',
'impact': {'brand_reputation_impact': 'Potential reputational '
'damage due to breach of '
'sensitive personal data',
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': ['Names and contact information '
'(including emergency contacts)',
'Date of birth, nationality, and '
'marital status',
'Bank account numbers',
'Social Security numbers',
'US I-9 verification information',
'Tax information',
'Driver’s license numbers',
'Health card numbers',
'Passport information'],
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High (SSNs, financial data, '
'and identity documents '
'exposed)',
'legal_liabilities': None,
'operational_impact': None,
'payment_information_risk': 'High (bank account '
'numbers and tax '
'information compromised)',
'revenue_loss': None,
'systems_affected': None},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': 'Likely '
'(Rhysida '
'published '
'proof pack '
'with stolen '
'data)',
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Ongoing (company contacted for further '
'details; no response yet)',
'motivation': 'Financial (Ransom)',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': 'Confirmed',
'ransom_demanded': '10 bitcoin (USD $1.22 million '
'/ CAD $1.71 million)',
'ransom_paid': None,
'ransomware_strain': 'Rhysida'},
'references': [{'date_accessed': None,
'source': 'Cybersecurity news article '
'(unspecified)',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Data breach '
'notifications sent to '
'affected US residents',
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': 'Yes (discovery '
'on July 21, '
'2025; public '
'disclosure in '
'October 2025)',
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'threat_actor': 'Rhysida',
'title': 'JASCO Applied Sciences Data Breach and Ransomware '
'Attack (2025)',
'type': ['Data Breach', 'Ransomware Attack']}