Ransomware Group aurora Hits: Hagerman and Company

19 June 2026

In the latest cybersecurity news, Hagerman & Company — a company operating in the US — has fallen victim to a ransomware attack conducted by the group aurora. This data breach, discovered on 2026-06-19T13:52:11.013934+00:00, underscores the increasing need for proactive cybersecurity defenses as we continue through 2025.

In response to increasing cyber threats, it’s critical to protect your organization with proactive security measures. HookPhish provides enterprise-grade solutions designed to reduce your risk of future attacks:

Phishing Simulation – Test and improve employee readiness with realistic, controlled phishing campaigns.
Cybersecurity Awareness Training – Educate your team to recognize and respond to common attack tactics.
Data Breach Monitoring – Get real-time alerts if your organization’s data appears in public or dark web breaches.
Phishing Detection and Response – Detect, investigate, and neutralize phishing threats before they cause damage.

Protect your organization before it becomes the next headline. Explore HookPhish.

Incident Report

Attribute	Information
Target Organization	Hagerman & Company
Threat Group	aurora
Summary	*** — a 40-year-old Autodesk Platinum Partner headquartered in Mt. Zion, Illinois, serving 250+ enterprise customers across manufacturing, energy, defense, healthcare, and education. The exposed dataset includes: Complete proprietary source code for 15+ commercial products including the HNC Licensing System (License Generator, License Server, License Manager) — enabling unlimited piracy of all Hagerman products. 8+ plaintext database credentials in .udl files, including an Oracle SYS (DBA superuser) account with password “Hagerman@1!” reused across multiple systems. Engineering vault databases for 14+ critical infrastructure entities — NYPA (7 power plants including Niagara Falls), Kinder Morgan (Elba Island LNG terminal), HydroOne (Ontario electricity), Phillips 66, Chevron, and 8+ petroleum refineries. Defense/government data — NASA IT Security Requirements, Lockheed Martin configurations, Boeing-SVS vault data, JPL configurations. Azure DevOps transaction logs (1.6 GB) containing complete source code version history and potentially CI/CD deployment secrets. Third-party database credentials for Michigan State University (3 databases), Cal State Long Beach, and Beth Israel Deaconess Medical Center infrastructure.
Date of Breach	2026-06-19T00:00:00+00:00
Discovery Date	2026-06-19T13:52:11.013934+00:00
Region	None
Target Domain	Hagerman & Company
Business Sector	Business Services

Don’t wait for a breach to take action — stay informed and take control of your cybersecurity posture today.

You can also check if your organization’s data has been exposed using our free Data Breach Checker.

Disclaimer: HookPhish does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.