.png)
The InterTech Group Data Breach Exposes Social Security Numberes
The InterTech Group, Inc., a private holding company based in North Charleston, S.C., recently experienced a data breach that exposed sensitive personal information.
The incident was first made public after the Akira ransomware group claimed responsibility for the attack on Nov. 19, 2025, posting details on the Tor network. According to their dark web announcement, the attackers obtained approximately 17 GB of data, including personal employee information such as Social Security numbers, passports, driver’s licenses, Mexican IDs, phone numbers, addresses, emails and data belonging to employees’ relatives.
The Akira ransomware group is known for targeting organizations and exfiltrating data before demanding ransom payments.
The breach also included confidential company documents: confidentiality agreements, financial and accounting records, contracts, client information, nondisclosure agreements and other sensitive files.
The Massachusetts Office of Consumer Affairs and Business Regulation confirmed the breach was disclosed to regulators on Feb. 28, 2026, with 43 Massachusetts residents affected.
The types of consumer information exposed in this incident include personally identifiable information (PII): drivers licenses and Social Security numbers. No protected health information (PHI) was reported as part of the breach.
The InterTech Group's response
In response to the breach, The InterTech Group, Inc. notified affected individuals and offered complimentary credit monitoring and identity protection services through Kroll for 24 months. These services include alerts about changes to credit files, proactive fraud assistance and identity theft restoration. The company also provided detailed instructions for enrolling in these services and encouraged all affected individuals to remain vigilant by monitoring their credit reports and financial accounts for suspicious activity.
Given the nature of the ransomware attack and the types of data exposed, it is important for those affected to take the following steps:
- Enroll in the free credit monitoring and identity protection services provided by Kroll as soon as possible
- Regularly review credit reports from the three major credit bureaus (TransUnion, Experian and Equifax) for unauthorized activity
- Consider placing a fraud alert or credit freeze on credit files to prevent new accounts from being opened in their name
- Report any suspicious or fraudulent activity to financial institutions, law enforcement and the Federal Trade Commission
Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info- Affected information types not yet disclosed
Data Breach Settlements
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
Subscribe to our weekly class actions newsletter.
.svg)