Trio-Tech International Reports Data Breach to SEC

Trio-Tech International, a semiconductor and industrial electronics company that provides testing services and equipment for semiconductor manufacturers, disclosed a cybersecurity incident involving one of its subsidiaries in Singapore.

It discovered the incident on March 11, 2026, and later determined it may constitute a material cybersecurity event. The total number of individuals affected has not yet been determined.

The incident was first disclosed to the U.S. Securities and Exchange Commission on March 18, 2026.

What happened in the Trio-Tech International data breach

A ransomware attack struck one of Trio-Tech International's subsidiaries in Singapore, resulting in the encryption of certain files within the company's network, according to the company's filing with the SEC.

The ransomware made those files inaccessible to the company.

Five days later, on March 16, 2026, a ransomware group known as Gunra claimed responsibility for the attack. The group posted its claim on a dark web forum hosted on the Tor network, stating it had obtained data from the organization and intended to publish the stolen information within one day.

On March 18, 2026, the situation escalated when certain company data was disclosed without authorization. Following this development, Trio-Tech International's management concluded that the incident may constitute a material cybersecurity event.

The company filed a Form 8-K report with the SEC, which was signed by Chief Financial Officer Srinivasan Anitha on March 20, 2026.

The specific types of data potentially affected have not yet been identified. According to the filing, the scope of data involved has not been fully determined and the company's investigation remains ongoing. It is not yet clear whether personal information belonging to employees, customers or other individuals was compromised in the incident.

Trio-Tech International's response to the breach

The company stated that the subsidiary is working to restore affected systems and enhance monitoring across its network environment. These steps are part of broader efforts to strengthen the company's security defenses and reduce the risk of similar incidents occurring in the future.

In addition, Trio-Tech International is working closely with its cyber insurance provider to support the ongoing investigation, remediation efforts and potential claims process.

The subsidiary is in the process of notifying affected parties as required by applicable law, according to the filing.

Steps to take if your information was exposed

Because the full scope of data exposed in this breach has not yet been determined, individuals connected to Trio-Tech International or its subsidiaries may want to take the following precautionary steps.

• Monitor credit reports regularly by requesting free reports at AnnualCreditReport.com and reviewing them for any unfamiliar accounts or suspicious activity.
• Consider placing a fraud alert or credit freeze with Equifax (1-800-525-6285), Experian (1-888-397-3742) and TransUnion (1-800-680-7289) as a precaution while the scope of exposed data is still being determined.
• Watch for phishing attempts that reference Trio-Tech International or this data breach by name, as scammers often use real breach notifications to trick people into sharing personal details.
• Review financial account statements carefully for any unauthorized charges or unfamiliar transactions and report suspicious activity to your bank or credit card company promptly.
• Enable multi-factor authentication on important online accounts to add an extra layer of protection beyond passwords alone.