The Akira ransomware group claims to have breached multiple American companies, adding them to its dark web leak site. The group is known for its double-extortion tactics, where it not only encrypts but also exfiltrates sensitive data to pressure victims into paying a ransom.
The latest list of alleged victims posted by the group includes:
- Carlson Building Maintenance (πΊπΈ): A commercial cleaning and maintenance services provider operating throughout the Midwestern United States, serving industries such as retail, grocery, schools, and warehouses.
- Five Star Mechanical Inc. (πΊπΈ): A company specializing in commercial and industrial HVAC, plumbing, piping, and sheet metal fabrication services.
Akira claims to have exfiltrated a significant amount of data from both organizations, totaling over 50GB. According to the actor, the allegedly compromised data includes:
- Financial Information: Audits, payment details, financial reports, invoices, and other financial files.
- Personal Identifiable Information (PII): Passports, driver’s licenses (DLs), Social Security Numbers (SSNs), addresses, emails, and phone numbers of employees, owners, and customers.
- Corporate Documents: Confidential information, customer files, project details, and other operational files.
