BK Technologies Data Breach – Hackers Compromise IT Systems and Exfiltrate Data

BK Technologies Corporation, a provider of communications equipment for public safety and government agencies, has disclosed a cybersecurity incident in which an unauthorized third party breached its information technology systems and potentially exfiltrated sensitive data.

In a recent Form 8-K filing with the U.S. Securities and Exchange Commission (SEC), the company confirmed that it detected the suspicious activity on or around September 20, 2025.

The investigation is ongoing, but initial findings suggest that data about current and former employees may have been compromised.

Upon identifying the potential intrusion, BK Technologies immediately launched a response to contain and remediate the threat.

The company took decisive action by isolating the affected IT systems to halt any further unauthorized activity and prevent lateral movement across its network.

Incident Detection

To support its internal teams, BK Technologies engaged the services of external cybersecurity advisors to conduct a thorough investigation.

According to the filing, these containment and remediation efforts were successful in removing the threat actor from the company’s environment.

While the incident caused minor disruptions to a limited number of non-critical systems, the company stated that its ability to access impacted information has been restored, and its core business operations have continued without any material interruption.

While operational continuity was maintained, the investigation has confirmed that the attackers likely accessed and acquired non-public information stored within the company’s systems.

The primary concern is the potential exposure of sensitive employee data. According to the disclosure, the exfiltrated files may contain records pertaining to individuals who are currently or were previously employed by BK Technologies.

The company is continuing to investigate the precise nature and full extent of the data theft to understand exactly what information was compromised.

In line with its legal and regulatory obligations, BK Technologies has already reported the incident to law enforcement authorities and plans to furnish formal notice to all affected parties and relevant regulatory agencies as appropriate.

Despite the data breach, BK Technologies does not anticipate a material impact on its financial condition or results of operations.

The company stated in its SEC filing that it expects a significant portion of the direct costs associated with containing, investigating, and remediating the incident to be reimbursed through its insurance coverage.

Although the investigation is still in progress, the company has taken steps to secure its environment and prevent future occurrences.

The cautionary statement included in the report notes that the full repercussions of the incident are still being assessed and that risks, including legal, reputational, and financial, could arise as more details emerge.

The company remains committed to completing its investigation and ensuring all necessary remediation actions are taken.

Cyber Awareness Month Offer: Upskill With 100+ Premium Cybersecurity Courses From EHA's Diamond Membership: Join Today