May 8, 2026
We are reaching out to address information-security related claims recently made about Egnyte by an external threat actor group. We want to be direct, transparent, and clear: no ransomware attack occurred, and no customer, employee, or production data has been compromised.
What Happened
A group identifying itself as “INC Ransom” published files on a dark web site and made claims about Egnyte. Upon immediate investigation, we determined the following:
- No ransomware was deployed. No files within our environment were maliciously encrypted.
- Any situation appears isolated to a single Quality Assurance (QA) test site — a separate, non-production environment used exclusively for testing.
- That QA environment contained only dummy or synthetic test data — not real customer, employee, or business data.
- Our production systems and customer environments remain fully secure and fully operational.
There is nothing you need to do at this time. Egnyte is operating normally.
We will review the configuration and access controls of our QA environments as a further precautionary measure.
We understand that situations like this can raise concerns, and we want you to know that the security and trust of our customers, employees, and partners is our highest priority. We will continue to keep all stakeholders informed should anything material change. We are confident in our systems and our team.
Thank you for your continued trust in Egnyte.