What happened
Trio-Tech International disclosed a ransomware attack affecting its Singapore-based subsidiary, which was first detected on March 11, 2026 and later confirmed on March 18 to involve unauthorized access and data exfiltration. The company said the incident impacted certain internal systems and may have led to the disclosure of company data, prompting it to file a report with the U.S. Securities and Exchange Commission (SEC) as a potentially material cybersecurity event. Trio-Tech stated that it initiated incident response procedures, engaged external cybersecurity experts, and is continuing to investigate the scope and impact of the breach.
Who is affected
Trio-Tech’s Singapore operations and internal systems are affected, with potential exposure of company data depending on the outcome of the ongoing investigation.
Why CISOs should care
The incident highlights how ransomware attacks on semiconductor and manufacturing firms can lead to regulatory disclosures and potential operational disruption, especially when data exfiltration is involved.
3 practical actions
- Prepare for regulatory reporting obligations. Public companies may need to disclose material cyber incidents through filings such as those required by the SEC.
- Assess data exfiltration risks during ransomware incidents. Investigate whether sensitive company data has been accessed or stolen.
- Engage external incident response support. Trio-Tech worked with cybersecurity experts to contain and investigate the breach.
For more coverage of ransomware campaigns and extortion-driven attacks, explore our reporting under the Ransomware tag.
