Steel Encounters and Inc.: Steel Encounters Data Breach Lawsuit Investigation

Steel Encounters, Inc. Hit by Akira Ransomware Attack, Exposing Sensitive Data of 959 Individuals

Steel Encounters, Inc., a Utah-based specialty contractor specializing in commercial construction facades and structural steel, suffered a data breach between July 27 and August 1, 2025. The company detected suspicious network activity, later confirming that an unauthorized actor accessed and exfiltrated data from its systems.

By November 7, 2025, Steel Encounters completed a preliminary review of the compromised data, followed by a detailed assessment to identify affected individuals. On December 31, 2025, the company reported the breach to the U.S. Department of Health and Human Services (HHS), disclosing that 959 people in the U.S. were impacted.

The Akira ransomware group claimed responsibility for the attack, announcing on the dark web on August 20, 2025, that it had stolen 21 GB of data, including financial records, employee details, and customer information. Exposed data may have included:

Names, addresses, and dates of birth
Social Security and passport numbers
Driver’s license and employer-assigned ID numbers
Financial account and payment card details
Health insurance, claims, and diagnosis/treatment information
Patient identification numbers

Steel Encounters has notified law enforcement and regulatory authorities and is contacting affected individuals while offering protective resources. A class action law firm is investigating potential compensation claims for those impacted.

Source: https://www.claimdepot.com/investigations/steel-encounters-data-breach-2026

Steel Encounters, Inc. TPRM report: https://www.rankiteo.com/company/steel-encounters-inc-

"id": "ste1771274028",
"linkid": "steel-encounters-inc-",
"type": "Ransomware",
"date": "7/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '959',
                        'industry': 'Construction (Specialty Contractor - '
                                    'Commercial Facades & Structural Steel)',
                        'location': 'Utah, USA',
                        'name': 'Steel Encounters, Inc.',
                        'type': 'Company'}],
 'customer_advisories': 'Notifying affected individuals and offering '
                        'protective resources',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': '959 individuals',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Addresses',
                                              'Dates of birth',
                                              'Social Security numbers',
                                              'Passport numbers',
                                              'Driver’s license numbers',
                                              'Employer-assigned ID numbers',
                                              'Financial account details',
                                              'Payment card details',
                                              'Health insurance information',
                                              'Claims and diagnosis/treatment '
                                              'information',
                                              'Patient identification '
                                              'numbers']},
 'date_detected': '2025-07-27',
 'date_publicly_disclosed': '2025-12-31',
 'description': 'Steel Encounters, Inc., a Utah-based specialty contractor '
                'specializing in commercial construction facades and '
                'structural steel, suffered a data breach between July 27 and '
                'August 1, 2025. The company detected suspicious network '
                'activity, later confirming that an unauthorized actor '
                'accessed and exfiltrated data from its systems. The Akira '
                'ransomware group claimed responsibility for the attack, '
                'announcing on the dark web that it had stolen 21 GB of data, '
                'including financial records, employee details, and customer '
                'information.',
 'impact': {'data_compromised': '21 GB of data',
            'identity_theft_risk': 'High',
            'legal_liabilities': 'Potential class action lawsuits',
            'payment_information_risk': 'High'},
 'investigation_status': 'Ongoing',
 'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Akira'},
 'references': [{'source': 'U.S. Department of Health and Human Services '
                           '(HHS)'},
                {'date_accessed': '2025-08-20',
                 'source': 'Akira ransomware group (dark web announcement)'}],
 'regulatory_compliance': {'legal_actions': 'Class action investigation',
                           'regulatory_notifications': 'U.S. Department of '
                                                       'Health and Human '
                                                       'Services (HHS)'},
 'response': {'communication_strategy': 'Notifying affected individuals and '
                                        'offering protective resources',
              'law_enforcement_notified': 'Yes'},
 'threat_actor': 'Akira ransomware group',
 'title': 'Steel Encounters, Inc. Hit by Akira Ransomware Attack, Exposing '
          'Sensitive Data of 959 Individuals',
 'type': 'Ransomware'}

Steel Encounters and Inc.: Steel Encounters Data Breach Lawsuit Investigation

Unnamed Organizations: How Ransomware Bypasses Your Security Stack (and What Security Leaders Must Do About It)

Salesforce: Google Data Breach | Is Your Information on the Dark Web?

Basic-Fit and Clever Fit: Gym giant Basic-Fit breached with at least 1M affected