Akira ransomware actors allegedly targeted Leo International, established in 1986, a manufacturer serving the PVF, HVAC, and Plumbing industries, with the claim of exfiltrating sensitive corporate and employee personal data including passports, SSNs, driver’s licenses, medical information, and confidential internal files. The actor states they will upload 10GB of data, impacting #Unknown.
Incident Details
- Victim: Leo International
- Sector: Not Found
- Country:
- Actor: akira
- Source:
- Discovered: 2026-06-23T12:20:41.345414+00:00
- Published: 2026-06-23T00:00:00+00:00
Information
- Established in 1986, Leo International serves as a comprehensive source for the PVF, HVAC, and Plumbing industry.
- The company specializes in manufacturing products through forging, casting, and injection molding processes.
- The threat actor claims it will upload 10 GB of corporate data soon.
- The exposed data is said to include employee personal documents such as passports, SSNs, driver’s licenses, medical information, phone numbers, photos, document scans, addresses, and other sensitive records.
- Confidential internal files are also claimed to be among the compromised materials.
Disclaimer: This post is based on public claims made by the ransomware group "akira". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.