The Reveal Platform
(By Rudra Pratap, Abhishek Samdole & Siva Prasad Boddu)
We observed Hitachi T&D Solutions, Inc. data leak on July 21, 2025,. This data breach has been claimed by ransomware group “INC Ransom” (also known as INC RANSOM Ransomware) hacking group. On June 11, 2025 Hitachi Vantara posted and confirmed (link in References section) about their ransomware incident that occurred on April 26, 2025 resulted in a disruption to some of their systems.
Hitachi T&D Solutions, Inc. Available information suggests that the targeted company is based in the United States and operates in the manufacturing sector, employing around 120 people and generating approximately $69.5 million in annual revenue.
On July 21, 2025, “INC Ransom” hacking group claims to have breached Hitachi T&D Solutions, Inc. This breach contains information about multiple departments, their folder paths, email files, tax return files, invoice details, payment vouchers, funds transfer request forms, switchgear report forms, employee exit forms, employee eligibility verification documents (passport details, personal information) and more.
Name, Job title, Email Address :
The above screenshot contains information about the CEO’s Job title, Email address and Signature.
Bank Statement :
The above screenshot contains the CEO’s Bank statement details for the period of January 2025 to March 2025.
Contact Details :
We found the CEO/President of Hitachi T&D Solutions, Inc. Dennis McNulty’s contact information, address, social security number.
There was more information about other employees’ details and their personal files.
There are a lot of details about their customers, their access to internal tools, below is the screenshot.
It contains their customer name, portal addresses, usernames, passwords, email addresses, security questions and their answers. Below are some customer details of the following portals.
Eaton – Eaton is a power management company offering energy-efficient solutions for controlling electrical, hydraulic, and mechanical power systems.
Taulia – Taulia is a business platform for working capital management.
There was more information about other departments, User folders, Tax return documents, Bank letters, Pay Summary, Bank Statements.
We found other miscellaneous data like multiple department folders.
The above screenshot shows the user folders, where we found the CEO/President of Hitachi T&D Solutions, Inc. Dennis McNulty’s folder.
The above screenshot contains documents about Dennis McNulty’s Tax return documents, Bank letters.
There were bank statements, tax return documents, pay summaries, and billing documents containing personal information like job title, email address, and contact details that were part of the leak.
The Hitachi T&D solutions, Inc. data leak, where threat actors reportedly exfiltrated sensitive data, including CEO critical information, internal documents, employee information, and customer information, bank statements, tax-related documents, other miscellaneous data, raising concerns about data privacy and potential downstream impacts. The incident highlights the importance of robust cybersecurity measures, continuous monitoring, and rapid incident response strategies to protect critical enterprise infrastructure and customer trust.
References :
https://www.hitachivantara.com/en-in/blog/systems-update
https://x.com/FalconFeedsio/status/1947508122391875634/photo/1
https://www.redpacketsecurity.com/incransom-ransomware-victim-hitachi-tds-com/
