Posillico Inc. Data Breach Affects 9,876 Individuals Exposing Social Security Numbers

On Jan. 6, 2026, Posillico Inc., a construction and engineering contractor based in Farmingdale, N.Y., confirmed their data had been breached.

The incident began with a network disruption identified on Dec. 8, 2025.

Posillico launched an investigation, bringing in independent cybersecurity experts to assess the situation. The investigation revealed that unauthorized actors had potentially accessed or acquired files containing sensitive information.

The Akira ransomware group claimed responsibility for the attack, stating on a dark web posting dated Jan. 5, 2026, that they had obtained 1 TB of data, including SQL databases with employee personal data, project details, contracts, agreements, financial records, and insurance-related documents.

The breach was reported to the Maine Attorney General on Jan. 13, 2026. According to the disclosure, 9,876 individuals in the United States were affected. Of these, three were residents of Maine.

Additionally, on Jan. 14, 2026, the breach was reported to the attorney general offices of Massachusetts and Texas, affecting 22 residents of Massachusetts and 1,021 residents of Texas.

As stated in the company's written Notice of Data Incident on the Maine Attorney General's website, the breach involved the exposure of personally identifiable information, specifically names and Social Security numbers.

Posillico's response

After discovering the breach, Posillico secured its network and engaged cybersecurity professionals to conduct a thorough investigation. The company enhanced its security measures and reported the matter to the FBI’s Internet Crime Complaint Center.

The company notified affected individuals by written letter.

For those affected, Posillico is offering complimentary identity protection services through IDX, which includes 12 to 24 months of credit monitoring, dark web monitoring, a $1 million identity fraud loss reimbursement policy, and fully managed identity theft recovery services. Affected individuals have until April 12, 2026, to enroll in these services.

Additionally, the company has set up a toll-free call center to answer questions and provide guidance.

Given the nature of the breach, affected individuals should take the following steps:

• Enroll in the offered identity protection and credit monitoring services as soon as possible
• Review account statements and credit reports for any suspicious activity
• Consider placing a fraud alert or security freeze on credit files with the major credit bureaus
• Report any suspected identity theft to local law enforcement, the Federal Trade Commission, or the state Attorney General