IT services company GeoLogics yesterday confirmed it notified 11,948 people of a December 2023 data breach that compromised names, Social Security numbers, financial account info, and state-issued ID numbers.
Ransomware gang DragonForce claimed responsibility for the breach, saying it stole 123 GB of data from GeoLogics.
GeoLogics has not verified DragonForce’s claim. We do not know if GeoLogics paid a ransom, how much DragonForce demanded, or how attackers breached GeoLogics’ network. Comparitech contacted GeoLogics for comment and will update this article if it replies.
According to GeoLogics’ notice to victims, the breach occurred in December 2023, but the company didn’t detect it until October 2024, so it went undetected for nearly 11 months. DragonForce claimed responsibility in January 2024.
“On October 16, 2024, GeoLogics learned that certain personal information may have been accessed or taken from its network between December 21 and 23, 2023,” says the company’s notice to victims.
GeoLogics is offering eligible victims one year of free credit monitoring through Equifax.
Who is DragonForce?
DragonForce is a ransomware gang that first started posting targets to its leak site in December 2023. It operates a ransomware-as-a-service business in which customers pay to use DragonForce’s malware and infrastructure to launch attacks and collect ransoms. DragonForce often extorts victims twice: once for a decryption key to unlock infected systems, and again in exchange for not selling or publicly releasing stolen data.
DragonForce has claimed responsibility for 30 confirmed ransomware attacks in total, plus 138 unconfirmed claims that haven’t been acknowledged by the targeted organizations.
Recently, DragonForce claims to be behin several large attacks on UK retailers including Co-op and Harrods. DragonForce malware was used by Scattered Spider in its attack on Marks & Spencer.
In 2025 to date, DragonForce claimed six confirmed attacks, plus 49 unconfirmed claims.
Ransomware attacks on US tech
Comparitech researchers logged 45 confirmed ransomware attacks on US tech companies in 2023, compromising more than 104 million records. Those figures declined in 2024 to just 16 attacks and 2 million records. In 2025 so far, we’ve confirmed three attacks.
The average ransom demand across all these attacks is $19.7 million, which is much higher than most other sectors. The average is somewhat skewed by large ransom demands such as LockBit’s $80 million ransom against CDW Government and BlackSuit’s $25 million ransom against CDK Global.
Other recently confirmed ransomware attacks against US tech include Silent’s theft of 854 GB of data from Versa Networks last month, and Akira’s attack on Hitachi Vantara.
Ransomware gang have claimed 98 unconfirmed attacks in 2025 so far.
About GeoLogics
Founded in 1989, GeoLogics Corporation is an IT services company headquartered in Alexandria, Virginia with regional offices throughout the USA. The company takes part in aerospace, defense, telecommunications, and intelligence projects of federal agencies and government contractors. It employs more than 200 people, according to its LinkedIn profile.
Source link
-
-
-
-
-
-
-
-
