The Akira ransomware group has claimed responsibility for a multi-victim attack, posting four new companies to its data leak blog. The group, known for its double-extortion tactics, alleges to have breached several US-based professional services and real estate firms.
The latest list of alleged victims posted by the group includes:
- Treetop Companies (πΊπΈ): A real estate investment firm based in the United States, specializing in multi-family and industrial properties.
- Barry Sallinger Law (πΊπΈ): A top-rated criminal defense law firm located in Lafayette, Louisiana, specializing in complex litigation.
- Rhodes, Young, Black & Duncan (RYBD) (πΊπΈ): A CPA firm based in Duluth, Georgia, offering comprehensive tax, accounting, and business consulting services.
- Miromar Development Corporation (πΊπΈ): A multi-faceted real estate development company in Florida, which holds a portfolio of residential and commercial properties.
According to the actor, a significant amount of sensitive data was exfiltrated from the victims during the cyberattacks. The allegedly compromised data includes:
- Corporate documents
- Client personal information (scanned passports, driver’s licenses, Social Security Numbers, medical information)
- Confidential internal files
- HR files and employee information
- Financials and tax records
- Agreements, contracts, and Non-Disclosure Agreements (NDAs)
- Legal documents, including court files and police reports
- A small number of military-related files












