Ransomware victim disclosure
← All victimsHarris Consulting Engineers
Claimed by Sinobi · listed 6 months ago
Status timeline
- ListedJan 5, 2026
- Data leakeddate unknown
At a glance
- Group
- Sinobi
- Status
- Data leaked
- Country
- United States
- Sector
- Construction
- Listed on leak site
- Jan 5, 2026
About the victim
AI dossier — public-source company profileHarris Consulting Engineers is a U.S.-based engineering consulting firm founded in 1983, specializing in mechanical, plumbing, electrical, and data technology services. The firm serves the construction and renovation industries, delivering tailored engineering solutions aligned with client goals and budgets. The company is led by Kent Bell, President and Owner.
- Industry
- Mechanical, Plumbing, Electrical & Data Technology Engineering Consulting
- Founded
- 1983
Attack summary
Severity: medium — Data has been published (disclosed status: data_published), indicating confirmed exfiltration, but no specific data types, scale, or sensitive regulated data categories (e.g., PII at scale, medical, financial) are evidenced in the post, and no proof file count or data size is stated.The sinobi ransomware group claims to have attacked Harris Consulting Engineers, with the disclosure status indicating data has been published. No specific details on encryption or exfiltration volume are stated in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Client project files
- Engineering design documents
- Internal business records
- Employee information
What the group claims
Harris Consulting Engineers has been perfecting the built environment since 1983, specializing in mechanical, plumbing, electrical, and data technology services. The firm's dedicated team aims to meet the goals and budgets of their clients. They focus on providing high-quality engineering solutions tailored to the construction and renovation industries. Kent Bell, the President and Owner, leads the company in fostering client relationships and delivering on projects.
Sources
Source
Indexed 6 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

