The Akira ransomware group has allegedly added Colabor, a major Canadian grocery distribution and wholesale services provider, to its list of victims. Colabor, headquartered in Boucherville, Quebec, is a significant player in the Canadian food industry and is publicly traded on the Toronto Stock Exchange under the ticker symbol GCL. The threat actor posted the claim on their dark web leak site on August 24, 2025, threatening to release sensitive data stolen from the company’s network.
According to the post, the Akira group claims to be in possession of approximately 60GB of corporate files. The attackers allege that the stolen data contains a vast amount of sensitive information, impacting both employees and the company’s operations. The exposed data allegedly includes:
- Personal data of more than 300 employees (DOB, Canadian passports, addresses, SSNs, phone numbers, emails, medical information)
- Detailed financial and accounting information
- Credit card details with security codes
- Payment details and customer files
- Employee financial information
- Agreements, contracts, and NDAs
