Silverado Contractors, Inc., a California-based demolition and excavation firm, suffered a ransomware attack by the LYNX ransomware group on December 18, 2024, which was detected on December 30, 2024. The attackers infiltrated internal systems, exfiltrated sensitive data, and posted sample screenshots on their dark web portal. The breach exposed personally identifiable information (PII) of current and former employees, including: - Full names - Contact details - Dates of birth - Social Security numbers - Driver’s license numbers - Financial account information - Health insurance details Affected individuals were notified via mail in November 2025, nearly a year later. The breach was also reported to the California Attorney General’s office. The incident poses severe risks of identity theft, financial fraud, and long-term reputational damage to the company and its employees. Legal investigations are underway for potential compensation claims.
Source: https://www.claimdepot.com/investigations/silverado-contractors-data-breach-2025
TPRM report: https://www.rankiteo.com/company/silverado-contractors-inc-
"id": "sil3892638110625",
"linkid": "silverado-contractors-inc-",
"type": "Ransomware",
"date": "12/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Construction (Demolition and Excavation)',
'location': {'branch_offices': ['Los Angeles, '
'California, USA',
'San Jose, California, '
'USA'],
'headquarters': 'Oakland, California, '
'USA'},
'name': 'Silverado Contractors, Inc.',
'type': 'Private Company'}],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (Personally Identifiable '
'Information - PII)',
'type_of_data_compromised': ['First and last name',
'Contact information',
'Date of birth',
'Social Security number',
"Driver's license number",
'Financial account information',
'Health insurance information']},
'date_detected': '2024-12-30',
'date_publicly_disclosed': '2025-11-04',
'description': 'Shamis & Gentile P.A. is investigating a data breach at '
'Silverado Contractors, Inc., where sensitive personally '
'identifiable information (PII) of current and former '
'employees was exposed by the LYNX ransomware group. The '
'breach was detected on Dec. 30, 2024, with the attack '
'occurring on Dec. 18, 2024. The stolen data includes names, '
"contact details, Social Security numbers, driver's license "
'numbers, financial account information, and health insurance '
'details. Affected individuals were notified by mail on Nov. '
'4, 2025, and the breach was disclosed to the California '
"Attorney General's office on Nov. 5, 2025.",
'impact': {'brand_reputation_impact': True,
'data_compromised': True,
'identity_theft_risk': True,
'legal_liabilities': True,
'payment_information_risk': True,
'systems_affected': True},
'initial_access_broker': {'data_sold_on_dark_web': True,
'high_value_targets': ['Employee PII data']},
'investigation_status': 'Ongoing (Shamis & Gentile P.A. investigating '
'potential class action lawsuits)',
'motivation': 'Financial gain (likely ransom demand and/or data sale)',
'post_incident_analysis': {'corrective_actions': ['Offering 12 months of free '
'credit monitoring to '
'affected individuals']},
'ransomware': {'data_exfiltration': True, 'ransomware_strain': 'LYNX'},
'recommendations': ['Enroll in the 12 free months of IDX credit monitoring '
'and identity protection services provided by Silverado '
'Contractors.',
'Monitor financial statements regularly for suspicious '
'activity or unauthorized transactions.',
'Place a fraud alert with credit bureaus to prevent '
'unauthorized account openings.',
'Request free annual credit reports from major credit '
'bureaus.',
'Seek legal counsel to understand rights and potential '
'compensation eligibility.'],
'references': [{'source': 'Shamis & Gentile P.A. Investigation Announcement'},
{'date_accessed': '2025-11-04',
'source': 'Silverado Contractors Data Breach Notification '
'(Mail)'},
{'date_accessed': '2025-11-05',
'source': "California Attorney General's Office Disclosure"}],
'regulatory_compliance': {'legal_actions': ['Potential class action lawsuits '
'by Shamis & Gentile P.A.'],
'regulatory_notifications': ['California Attorney '
"General's office "
'(notified on '
'2025-11-05)']},
'response': {'communication_strategy': ['Mail notifications to affected '
'individuals',
'Public disclosure via legal '
'investigation announcements'],
'incident_response_plan_activated': True,
'remediation_measures': ['Notification to affected individuals '
'(mail)',
'Disclosure to California Attorney '
"General's office",
'Offer of 12 months of free IDX credit '
'monitoring and identity protection '
'services']},
'stakeholder_advisories': ['Notification letters mailed to affected '
'individuals on 2025-11-04'],
'threat_actor': 'LYNX ransomware group',
'title': 'Silverado Contractors, Inc. Data Breach',
'type': ['Data Breach', 'Ransomware Attack']}