Trio-Tech International, Inc. · TRT

Item 1.05 Material Cybersecurity Incidents On March 11, 2026, Trio-Tech International ("Company") identified and responded to a cybersecurity incident in one of its subsidiaries ("subsidiary") in Singapore. The subsidiary experienced a ransomware incident that resulted in encryption of certain files within the Company's network. At that time, management determined that the incident was not material. On March 18, 2026, the incident escalated and resulted in the unauthorized disclosure of certain Company data. Following this development, management concluded that the incident may constitute a material cybersecurity event. Upon discovery of the cybersecurity incident, the subsidiary immediately activated its response protocols, implemented containment measures, including proactively taking its network offline, launching an investigation with the assistance of third-party cybersecurity professionals and notifying law enforcement in Singapore. The subsidiary is taking steps to contain the incident, restore affected systems, and enhance monitoring across its network environment. The subsidiary is in the process of notifying affected parties as required by applicable law. The scope of the data potentially affected has not yet been fully determined, and the Company's investigation remains ongoing. The subsidiary is also working closely with its cyber insurance provider to support the investigation, remediation, and potential claims process. The full scope and impact of this incident is not yet known and could result in a future determination that the incident may be material to the Company's financial statements and results of operations. As of the date of this Form 8-K, the incident has not resulted in any material disruption to the subsidiary's operations or the Company's business, and the Company does not expect this incident to have a material impact on the Company's financial results and operations for the three months ended March 31, 2026.