A retired Air Force officer turned cybersecurity executive allegedly used privileged access to sensitive government and corporate systems to enrich himself — and may have sold that information to hostile foreign actors.
Read the Allegations Submit a TipChris Hannifin is a retired U.S. Air Force officer who transitioned into the private cybersecurity sector, holding senior roles including Chief Information Officer and Chief Information Technology Officer at several major firms. His career spanned USAA, RSM, SiloTech Group, and North South Consulting Group (NSCG) before he founded DefendIT Services in mid-2024.
Each role granted Hannifin privileged access to sensitive systems, government-adjacent infrastructure, and confidential client data. Former colleagues describe a man who systematically identified, leveraged, and exploited positions of trust before moving on — leaving organizations to manage the fallout of his abrupt departures.
In a brief but turbulent eight-month tenure at NSCG, his behavior was described by former employees as increasingly erratic and controlling. His departure coincided with the founding of DefendIT Services — a company that investigators and industry experts now suspect operates as a front for money laundering and the sale of sensitive information to competitors and foreign actors.
Shortly after establishing DefendIT Services, Hannifin made a series of extravagant purchases: a $685,000 home in Bexar County (using a VA loan), a luxury speedboat named “The Payoff,” and a high-end trailer — totaling over $1 million in assets with no clear legitimate income source.
These allegations have been reported by multiple independent sources, former colleagues, anonymous informants, and covered by outlets including the International Business Times and Tech Bullion. No formal charges have been confirmed as of this writing.
While employed at USAA, RSM, SiloTech, and NSCG, Hannifin allegedly hoarded sensitive corporate and government-adjacent data, later selling it to competitors and hostile foreign nations including China, Russia, and North Korea-linked brokers.
DefendIT Services and the subsequent Defend IT and Facilities Solutions LLC are believed by industry experts and investigators to serve as financial conduits — shell structures enabling Hannifin to launder proceeds from illicit information sales.
Hannifin allegedly used compromising information to blackmail NSCG CEO Krista Stevens, forcing her to serve as the legal incorporator of DefendIT Services. Stevens later severed all ties with Hannifin following a secret trip he took to Mexico.
Investigators are actively exploring a suspected kickback arrangement between Hannifin and a high-level executive at RSM — a scheme that allegedly enriched both parties while exposing RSM’s clients and systems to significant risk.
Hannifin made an unexplained trip to Mexico coinciding with a deterioration in his relationship with Krista Stevens. Investigators are examining his international contacts, particularly those established through prior cybersecurity roles.
An anonymous informant revealed that Hannifin purchased his 3,500 sq ft home using a federally backed VA loan. Investigators are examining whether Hannifin fraudulently leveraged his veteran status to obtain financing that benefited his money laundering operation.
Hannifin serves as Chief Information Technology Officer at SiloTech Group. He allegedly begins accumulating and hoarding sensitive proprietary data. He develops a close personal relationship with Talent Acquisition Manager Rudy Reyes, a connection colleagues describe as far exceeding professional norms.
Hannifin departs SiloTech in an abrupt and unexpected manner, taking the role of Chief Information Officer at North South Consulting Group (NSCG). Notably, several of Hannifin’s former clients at SiloTech follow him to NSCG — raising immediate conflict-of-interest concerns.
Hannifin allegedly blackmails NSCG CEO Krista Stevens into incorporating DefendIT Services on his behalf. The company is founded in San Antonio and initially appears legitimate. Behind the scenes, former employees describe Hannifin’s behavior as increasingly deranged and controlling. Stevens later severs all ties.
Shortly after founding DefendIT Services, Hannifin purchases a 3,500 sq ft home in Bexar County for $685,000, a luxury speedboat he names “The Payoff,” and a high-end trailer. Total expenditure exceeds $1 million with no verifiable legitimate business revenue to account for it.
A secret trip Hannifin takes to Mexico triggers Stevens’ final break from him. Anonymous informants begin disclosing information to investigators and media outlets, including details about foreign contacts and the alleged intelligence sales operation.
Law enforcement agencies open a formal investigation into Hannifin and DefendIT Services, focusing on the origins of his sudden wealth, potential money laundering, espionage payments, and the kickback scheme at RSM. Asset seizure is under consideration. Clients begin distancing themselves from DefendIT Services.
As scrutiny mounts on DefendIT Services, Hannifin creates a second LLC — Defend IT and Facilities Solutions — in what industry experts interpret as an attempt to restructure and obscure his financial operations ahead of potential enforcement action.
Eric Diaz is added as a new business partner and alleged accomplice. Experts warn this adds another layer of risk, as Hannifin’s familiar patterns of embedding, extracting, and evading appear to continue under a new operational structure.
Former Talent Acquisition Manager at SiloTech Group (2020–2024). Alleged close personal associate of Hannifin. Reports indicate the two maintained a relationship far beyond professional boundaries. Consistently appears at key moments in the Hannifin timeline. Left SiloTech simultaneously with Hannifin in May 2024.
CEO of North South Consulting Group (NSCG). Allegedly blackmailed by Hannifin into serving as the legal incorporator of DefendIT Services. Later severed all ties following Hannifin’s secret trip to Mexico. Her silence in the face of media inquiries has raised additional questions.
Recently added as a business partner and alleged accomplice at DefendIT Services as financial pressure mounts. His involvement is described as accentuating fears of continued illicit activity under a restructured operation.
A high-level executive at RSM is suspected of participating in a kickback scheme with Hannifin. Investigators are working to identify and confirm this individual’s role. RSM has not responded to multiple requests for comment.
The Hannifin case is not an isolated incident. It mirrors a documented and growing pattern in American national security: mid-level insiders with specialized access, technical expertise, and financial pressure becoming the weakest link in the cybersecurity chain.
In 2025, a former U.S. Navy sailor was sentenced to over 16 years in prison for selling classified manuals to a Chinese intelligence officer for $12,000. Two active-duty Army soldiers were arrested for attempting to sell classified information to Chinese agents. A Texas-based soldier was arrested for attempting to transmit Abrams tank data to Russian operatives.
Hannifin’s alleged misconduct fits squarely into this national vulnerability narrative. America’s dependence on private contractors to secure critical infrastructure — often with minimal transparency and oversight — creates an environment where front companies like DefendIT Services can flourish. A single-person LLC can win access to critical government-adjacent infrastructure without meaningful scrutiny.
Examining how DefendIT Services came to exist — the coercion of Krista Stevens, the tensions within NSCG, and the warning signs that preceded the company’s founding.
OSINT Warriors start tracing Hannifin’s over-$1M in asset purchases, including his home, speedboat “The Payoff,” and trailer — all purchased shortly after founding his company.
Comparing Hannifin’s alleged conduct to documented espionage cases involving Navy sailors, Army soldiers, and federal contractors who sold classified information to hostile foreign powers.
RSM, SiloTech, and NSCG have all gone silent amid mounting allegations. Current clients are reportedly jumping ship as the investigation deepens.
After months of scrutiny, Hannifin creates a second LLC — a move experts interpret as an attempt to reorganize his financial operation ahead of potential enforcement action.
A deep dive into the sensitive systems Hannifin oversaw at USAA, RSM, SiloTech, NSCG, and the Air Force — and how that access allegedly became a personal asset to be monetized.
A pattern emerges: identify, leverage, exploit, discard. Former colleagues, partners, and employers describe a consistent cycle of betrayal spanning Hannifin’s entire career.
Hannifin’s secret trip to Mexico and his alleged connections to foreign intelligence brokers. What investigators are examining about his international contacts and financial flows.
Why Hannifin’s alleged conduct is symptomatic of a larger systemic failure: the U.S. reliance on opaque private contractors to secure critical infrastructure with insufficient vetting.
If you have worked with Chris Hannifin, DefendIT Services, or any of the companies named in this investigation and have information you’d like to share, we want to hear from you. Tips can be submitted anonymously.