MasTec Data Breach Exposes Sensitive Information of Over 25,000 Individuals In October 2025, MasTec Inc., a leading U.S. infrastructure engineering and construction firm based in Coral Gables, Florida, detected unusual activity within a segment of its computer network. A subsequent investigation by third-party cybersecurity experts revealed that an unauthorized party had accessed part of the company’s systems for several days in August 2025. After identifying the affected files, MasTec enlisted a data review firm to analyze the breach’s scope. The review concluded in February 2026, and notifications to impacted individuals began on May 11, 2026. The breach compromised the personal data of 25,220 people across the U.S., including 11 in Maine and 1,160 in South Carolina. The ransomware group CL0P claimed responsibility for the attack on the dark web on October 29, 2025. While MasTec has not publicly disclosed the exact types of information exposed, potential data includes names, dates of birth, addresses, Social Security numbers, and financial details. Legal firm Shamis & Gentile P.A. is investigating potential compensation claims for affected individuals. The incident underscores the ongoing risks to critical infrastructure providers and the delayed disclosure timelines in cybersecurity incidents.

MasTec Discloses Data Breach Affecting Over 25,000 Individuals MasTec Inc., a Florida-based infrastructure engineering and construction firm, recently reported a data breach impacting 25,220 individuals across the U.S., including 1,160 South Carolina residents and 11 Maine residents. The breach was formally disclosed to state attorneys general on June 5, 2026, with affected consumers notified via written letters beginning May 11, 2026. The incident came to light in October 2025, when MasTec detected suspicious network activity. A subsequent investigation, conducted with third-party cybersecurity experts, confirmed that an unauthorized party had accessed a limited portion of the company’s systems during August 2025. On October 29, 2025, the CL0P ransomware group claimed responsibility, posting on the Tor network to assert it had exfiltrated sensitive data. MasTec later engaged a data-review firm to analyze the compromised files, receiving final results in February 2026. While the publicly available notice did not specify exact data categories, affected individuals were informed of the types of personal information exposed in their cases, which may have included names, Social Security numbers, dates of birth, and financial details. In response, MasTec offered impacted individuals a free membership to Financial Shield, a credit and identity-theft monitoring service. Enrollment required a personalized activation code and adherence to a specified deadline. For additional support, the company established a dedicated response line at 844-953-0840.

The Washington State Office of the Attorney General reported on November 20, 2023, that MasTec, Inc. experienced a data breach on May 27, 2023, involving unauthorized access that affected 675 known Washington residents. The compromised information includes names, Social Security numbers, dates of birth, genders, member contact information, member IDs, eligibility dates, and provider information. MasTec began notifying affected individuals on October 27, 2023.