The Reveal Platform
Omega Bio-tek, founded in 1998, is an ISO 9001:2015 certified manufacturer specializing in nucleic acid isolation for clinical research, biotechnology, and agriculture. Omega Bio-tek has 145 employees, generates $50.1 million in revenue, and operates within the manufacturing sector based in the United States.
On August 22, 2025, the hacking group “INC Ransom” claimed responsibility for a breach at Omega Bio-tek, exposing sensitive data including employee records, offer letters, Social Security numbers, contact information, home addresses, HR files, and bank statements.
The breach exposed personal and sensitive information belonging to the CEO, Finance Director, IT Head, and other employees.
Name, Job Title, Email Address, Phone number :
The above screenshot contains information such as “Qi Guo” the CEO’s job title, email address and phone number.
The above screenshot contains information such as email address, phone number of Omega Biotek’s finance director, “Ernesto S.”
The above screenshot contains information such as the SSN, job title, and phone number of Omega Bio-tek’s IT lead, “Cameron S.”.
The above screenshot contains sensitive information, including an employee’s job offer letter, job title, salary details, manager information, and a signature from the Vice President.
The above screenshot contains information such as Social Security number(SSN), Driving license number, Address of employee, “Clay S.”
Omega Biotek Bank Statement details :
The above screenshot contains information such as Omega Biotek’s Bank details, Account number, Transaction details, Bank statement details.
Other Miscellaneous data:
There was more information about other employees.
We also identified additional folders from multiple departments containing data such as insurance records, tax notices, expense reports, new employee files, and accounting documents.
The Omega Bio-tek data breach involved threat actors reportedly stealing highly sensitive information, including CEO details, internal documents, employee records, bank statements, and tax files—raising significant data privacy concerns. This incident underscores the critical need for robust cybersecurity defenses, continuous monitoring, and rapid incident response to minimize damage. Protecting enterprise infrastructure and sensitive data must remain a top priority, as maintaining customer trust hinges on proactive and resilient security strategies.
(Blog written by Abhishek Samdole, Siva Prasad Boddu & Rudra Pratap)
