MTI America Suffers Ransomware Attack by Sinobi Group, Exposing Sensitive Data
MTI America, a healthcare solutions provider specializing in workers’ compensation, disclosed a data breach affecting an undisclosed number of individuals after a ransomware attack by the Sinobi group. The incident was reported to the New Hampshire Attorney General on February 6, 2026, following unauthorized access to the company’s network between September 6 and 9, 2025.
MTI America detected the breach on October 10, 2025, and launched an investigation with third-party cybersecurity experts. The Sinobi group claimed responsibility on October 8, 2025, via a dark web post, asserting they had exfiltrated 120 GB of data, including financial records, customer information, and contracts. The threat actors warned they would publish the stolen data within a week.
A forensic review revealed that the breach exposed names and Social Security numbers of five New Hampshire residents, who were notified by mail on February 6, 2026. MTI America has since implemented additional security measures to prevent further unauthorized access.
In response, the company is offering 12 months of complimentary credit monitoring and identity protection services to affected individuals. The breach underscores the ongoing risks of ransomware attacks targeting healthcare and financial data.
Source: https://www.claimdepot.com/data-breach/mti-america-2026
MTI America cybersecurity rating report: https://www.rankiteo.com/company/mtiamerica
"id": "MTI1770415079",
"linkid": "mtiamerica",
"type": "Ransomware",
"date": "9/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Undisclosed number of '
'individuals (5 New Hampshire '
'residents confirmed)',
'industry': 'Healthcare/Workers’ Compensation',
'name': 'MTI America',
'type': 'Healthcare Solutions Provider'}],
'customer_advisories': '12 months of complimentary credit monitoring and '
'identity protection services offered to affected '
'individuals',
'data_breach': {'data_exfiltration': 'Yes (120 GB of data)',
'personally_identifiable_information': 'Yes (names, Social '
'Security numbers)',
'sensitivity_of_data': 'High (Personally Identifiable '
'Information, financial data)',
'type_of_data_compromised': ['Financial records',
'Customer information',
'Contracts',
'Social Security numbers']},
'date_detected': '2025-10-10',
'date_publicly_disclosed': '2026-02-06',
'description': 'MTI America, a healthcare solutions provider specializing in '
'workers’ compensation, disclosed a data breach affecting an '
'undisclosed number of individuals after a ransomware attack '
'by the Sinobi group. The incident exposed names and Social '
'Security numbers of five New Hampshire residents, who were '
'notified by mail. The company is offering 12 months of '
'complimentary credit monitoring and identity protection '
'services to affected individuals.',
'impact': {'data_compromised': '120 GB of data, including financial records, '
'customer information, and contracts',
'identity_theft_risk': 'High (Social Security numbers exposed)'},
'investigation_status': 'Ongoing (as of disclosure)',
'post_incident_analysis': {'corrective_actions': 'Additional security '
'measures implemented'},
'ransomware': {'data_exfiltration': 'Yes'},
'recommendations': 'Enhanced security measures to prevent unauthorized '
'access; credit monitoring and identity protection '
'services for affected individuals',
'references': [{'source': 'New Hampshire Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'Reported to New '
'Hampshire Attorney '
'General'},
'response': {'communication_strategy': 'Notification by mail to affected '
'individuals',
'incident_response_plan_activated': 'Yes',
'remediation_measures': 'Additional security measures '
'implemented',
'third_party_assistance': 'Yes (cybersecurity experts)'},
'threat_actor': 'Sinobi Group',
'title': 'MTI America Suffers Ransomware Attack by Sinobi Group, Exposing '
'Sensitive Data',
'type': 'Ransomware'}