Ransom! Aegis Project Controls (FEB-2026)

DragonForce claims to have exfiltrated 214GB of Aegis Project Controls’ files, including projects on military-critical facilities, biosecurity laboratories, and other critical infrastructure, and threatens to publish them and jeopardize US national security if it is not paid. The ransom note demands payment, warns of public shaming, states that the FBI will come to the company, and imposes a 15-day deadline before the data is released. #UnitedStates

Incident Details

  • Victim: Aegis Project Controls
  • Sector: Construction
  • Country: US
  • Actor: dragonforce
  • Source: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=35757642-d38d-4eb3-9616-966e5fc7713b
  • Discovered: 2026-02-28 12:29:29.278409
  • Published: 2026-01-26 00:00:00.000000

Information

  • Aegis Project Controls — construction company providing 4D scheduling, training, and construction scheduling services.
  • Claimed extortion by actor “dragonforce”.
  • Alleged theft of 214GB of files, projects, and documents described as threatening US national security.
  • Compromised materials reportedly include projects on military-critical facilities (Space Fence, Nitrocellulose Facility), biosecurity laboratories (USAMRIID), critical infrastructure facilities, and others.
  • Accusation that the company did not contact the FBI after the attack; statement that the FBI will now come to them.
  • Demand to contact the attackers immediately; message suggests the company’s IT department “knows how” to contact them.
  • Deadline of 15 days before the data is made public.
  • Direct address to David J. Hatwell with listed phone numbers: +1 269-673-8962, +1 360-918-3187, +1 240-331-0437.
  • Threat promising public shame and destruction of the company if payment is not made; “Time has begun.”

Disclaimer: This post is based on public claims made by the ransomware group "dragonforce". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.

monitored by: ransomware.live