DragonForce Claims Massive Data Breach at MassDevelopment, Exposing Sensitive Personal Information A cybercriminal group known as DragonForce has taken responsibility for a March 2026 data breach at MassDevelopment, the Massachusetts Development Finance Agency. The breach compromised 1.56 terabytes of data, including names, Social Security numbers, driver’s license numbers, and personal financial account details, according to a claim posted on the group’s leak site on April 27, 2026. MassDevelopment acknowledged the incident in a victim notification, stating that on March 27, 2026, it detected unauthorized access to its systems, with files copied from its network the same day. However, the agency has not confirmed DragonForce’s involvement, nor has it disclosed whether a ransom was paid, the attack vector, or the number of affected individuals. The notice did not include an offer of free credit monitoring or identity theft protection for victims. This marks MassDevelopment’s second major breach in two years. In January 2025, the agency reported a June 2024 breach claimed by the Cactus ransomware group, which allegedly stole 1.2 TB of data. A third group, BianLian, also claimed an attack in January 2025, asserting it exfiltrated 4 TB of data, though this was never verified. DragonForce, a ransomware-as-a-service (RaaS) operation, emerged in December 2023 and has since claimed 158 attacks in 2026 alone, with seven confirmed by victims. The group typically dual-extorts targets demanding payment both to unlock encrypted systems and to prevent the release of stolen data. The MassDevelopment breach is DragonForce’s first confirmed attack on a government entity and its second in the U.S. this year, following a February 2026 breach at Five States Energy Company, which affected 2,251 individuals. Other recent confirmed DragonForce attacks include: - Fundação Getulio Vargas (Brazil) – February 2026 - Hazeldene’s Chicken Farm (Australia) – February 2026 - Alliance Select Foods International (Philippines) – March 2026 - Fernheizwerk Neukölln (Germany) – March 2026 - Kopran (India) – February 2026 The incident adds to a growing trend of ransomware attacks on U.S. government entities, with 18 confirmed in 2026 so far. Other recent cases include: - Winona County, MN – Two attacks in January and April 2026 - Kent District Library (MI) – April 24, 2026 attack causing operational disruptions - Suffolk, VA – February 2026 breach claimed by the Cloak ransomware group MassDevelopment, a key economic development agency in Massachusetts, reported financing 409 projects in 2025, generating $4.65 billion in investment and supporting 25,246 jobs. The full impact of the breach remains unclear as investigations continue.

The Maine Office of the Attorney General reported a data breach involving the Massachusetts Development Finance Agency on February 28, 2025. The breach occurred when systems were accessed without authorization between June 17 and November 28, 2024, affecting a total of 1,039 individuals, including 5 Maine residents. The compromised information included names and Social Security numbers.