The Akira ransomware group has expanded its attacks, targeting multiple industries worldwide and exfiltrating sensitive data before encrypting systems. Their double-extortion tactics exert pressure on victims by threatening to release stolen information, including personal and financial data. #AkiraRansomware #DoubleExtortion #LegalSector #ManufacturingThreats
Keypoints
- The Akira ransomware group has added 12 new victims to its leak portal within a short period in July 2025.
- The targeted sectors include food, manufacturing, legal, IT, consulting, and environmental organizations across various countries.
- The group exfiltrates a variety of sensitive data, such as personal documents, contracts, financial data, and NDAs.
- The threat actors threaten to publish the stolen data if victims do not pay the ransom, increasing pressure to negotiate.
- The diverse industries affected demonstrate that no sector is immune to this ransomware threat.