The threat actor akira has claimed to have compromised Ruhrpumpen, a German company specializing in pump manufacturing, by threatening to release 142GB of sensitive corporate data, including employee SSNs, financial information, and project details. The attack underscores the serious risk to Ruhrpumpenβs operations and confidential information in Germany. #Germany
Incident Details
- Victim: Ruhrpumpen
- Country: DE
- Actor: akira
- Source:
- Discovered: 2025-12-26 13:40:31.430771
- Published: 2025-12-26 00:00:00.000000
Information
- Ransomware attack affected Ruhrpumpen, a pump and pumping equipment manufacturer founded in 2000 and headquartered in Tulsa, Oklahoma.
- The threat actor responsible is identified as Akira.
- Ruhrpumpen designs, manufactures, and supplies pump and pumping equipment, including overhung pumps, vertical pumps, hydraulic decoking systems, fire pumps, and other products.
- The organization plans to upload 142GB of corporate data soon.
- The compromised data includes SSNs of nearly 600 employees, other personal information, detailed financials, project files, contracts, agreements, NDAs, and numerous other project-related documents.
Disclaimer: This post is based on public claims made by the ransomware group "akira". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.