On May 30, 2024, the Akira ransomware group announced a series of high-profile data breaches targeting four prominent organizations. The group claims to have obtained and plans to release substantial amounts of sensitive data from the following companies:
- Excel Security Corp: An internationally respected provider of security services, ironically left without security themselves. Akira claims to have acquired 150GB of data, including personal files of employees, Social Security Numbers (SSNs), driver’s licenses, phone numbers, emails, financial data, customer information, Non-Disclosure Agreements (NDAs), and other confidential agreements. The breach highlights a significant lapse in the company’s own security measures.
- DreamWall: An animation and graphics studio based in Charleroi, Belgium, born from a partnership between Dupuis and RTBF. Akira alleges to have obtained about 15GB of data, including personal data, medical files, contracts, agreements with other companies, and financial information. This breach could have severe implications for the studio’s operations and client confidentiality.
- Faultless Brands: A manufacturing business producing laundry, household cleaning products, air care, and lawn and garden products. The ransomware group claims to have accessed a wealth of HR files containing employees’ personal data, customer information, accounting files, confidential agreements, and medical information. The exposure of such data could have serious consequences for both the company and its clients.
- MagicLand: Known for attracting about 3 million unique visitors since its creation, and being the third most visited theme park in Italy with 800,000 visitors in 2014. Akira claims that the park’s data breach will include personal data such as bank information (swift codes, BIC, IBAN), EU ID numbers, accounting, and HR files. The imminent release of this information could pose a risk to the personal and financial security of many individuals.