IT contractor IES Communications this week confirmed it notified 6,241 employees of a March 2025 data breach that compromised names, Social Security numbers, dates of birth, addresses, payroll info, and other identifying info.
Ransomware gang Chaos took credit for the attack. Chaos says it stole 1 TB of data from IES.
IES has not verified Chaos’ claim. We do not yet know if IES paid a ransom, how much Chaos demanded, or how attackers breached IES’ network. Comparitech contacted IES for comment and will update this article if it replies.
“On or around March 17, 2025, [IES] discovered that it had experienced a cybersecurity incident in which a cyber threat actor attempted to disrupt COMM’s IT infrastructure in an effort to deploy ransomware and solicit a ransom payment from [IES],” says the company’s notice to victims. “On June 6, 2025, COMM determined that during the incident the threat actor may have gained unauthorized access to files that contained your personal information.”
IES is offering eligible victims 24 months of free credit monitoring and identity restoration through Experian. The deadline to enroll is September 30, 2025.
Who is Chaos?
Chaos is a ransomware gang that first surfaced in 2021 but didn’t start claiming victims on its data leak site until March 2025. IES was one of its first targets. Chaos attacks both individuals and organizations through drive-by-downloads and phishing. It employs a double-extortion scheme in which victims are extorted both for stolen data and to restore infected systems.
Chaos has claimed responsibility for 10 ransomware attacks in total, two of which have been confirmed. The other confirmed attack hit Optima Tax Relief in June 2025.
Ransomware attacks on US tech
Comparitech researchers have logged 11 confirmed ransomware attacks on US tech companies so far in 2025, following 17 such attacks in all of 2024. This year’s attacks have compromised more than 23,500 records, while last year saw more than 2 million breached.
Other recently confirmed ransomware attacks on US tech companies include:
- Ingram Micro confirmed an attack over the weekend claimed by SafePay
- Cierant Corporation notified victims of a December 2024 breach claimed by Clop
- Idealab notified victims of an October 2024 data breach claimed by Hunters International
We’re monitoring another 115 unconfirmed ransomware claims from 2025 that haven’t been acknowledged by the targeted organizations.
Ransomware attacks on tech companies can both steal data and lock down computers systems. Businesses must then either pay a ransom or face extended downtime, permanent data loss, and putting users and/or employees at increased risk of fraud.
About IES Communications
IES Communications is an IT contractor that designs data centers, installs network hardware and security camera systems, and builds cabling infrastructure, among other services. It operates 23 locations across the United States, and employs more than 1,000 people, according to external sources.
