The DragonForce ransomware group claims to have breached Phoenix Environmental Laboratories, a United States-based facility that specializes in high-quality environmental analysis. Phoenix Environmental Laboratories provides testing for soil, water, air, sediment, and solids in compliance with EPA and state health department requirements. The organization serves a wide array of clients, including municipal partners, large engineering firms, and state and federal agencies.
According to the actor, the cyberattack resulted in the exfiltration of 1.62 TB of internal files. Based on the published evidence, the allegedly compromised data includes:
-
Personally Identifiable Information (PII) of beneficial owners and employees
-
Social Security Numbers (SSNs) and Taxpayer Identification Numbers (TINs)
-
Dates of Birth and residential addresses
-
State-issued Driver’s License numbers
-
Internal employee accident and incident investigation reports
-
Customer financial statements, billing records, and invoices
-
Accounting representative contact information
