Search for an article

Select a plan

Choose a plan from below, subscribe, and get access to our exclusive articles!

Monthly plan

$
13
$
0
billed monthly

Yearly plan

$
100
$
0
billed yearly

All plans include

  • Donec sagittis elementum
  • Cras tempor massa
  • Mauris eget nulla ut
  • Maecenas nec mollis
  • Donec feugiat rhoncus
  • Sed tristique laoreet
  • Fusce luctus quis urna
  • In eu nulla vehicula
  • Duis eu luctus metus
  • Maecenas consectetur
  • Vivamus mauris purus
  • Aenean neque ipsum
Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

HomeSecurity ArchitectureAkira ransomware gang claims theft of passport scans from Lush in 110...

Akira ransomware gang claims theft of passport scans from Lush in 110 GB data heist • The Register

Published on

spot_img

The recent cybersecurity incident at a British bath bomb merchant has been claimed by the Akira ransomware gang, with the hackers boasting that they have obtained 110 GB of data from the global cosmetics giant. Among the stolen data are reportedly personal documents such as passport scans, in addition to company-related files on accounting, finances, tax, projects, and clients. While there is no evidence to suggest that customer data has been exposed, the threat of data publication looms as the cybercriminals threaten to make the data public soon.

It appears that Akira’s modus operandi involves categorizing victims into groups based on whether they paid the ransom, with those who didn’t pay having their data published and those who did facing uncertain dates for data publication. This seems to suggest that negotiations may have taken place, but have possibly stalled, prompting Akira to use the threat of data publication as leverage to push the talks forward.

In response to the incident, Lush, the affected company, communicated that it is working with outside forensic experts to investigate the issue, indicating that the situation bears the hallmarks of a ransomware attack. The company also stated that it has taken immediate steps to secure and screen all systems, underscoring its commitment to containing the incident and minimizing its impact on operations.

The incident first came to light in a post made on the unofficial Lush Reddit community, where a user claimed that staff members were instructed to send their laptops to head office for “cleaning”, a detail that has been verified to be true. This aligns with Akira’s known practice of engaging in extortion without an encryption component, which could explain the absence of visible external disruption to Lush’s operations.

Akira’s emergence in early 2023 has been marked by an increasing number of victims, with an apparent preference for targeting vulnerable Cisco VPN products and remote access tools without multifactor authentication deployed. The group primarily targets organizations in the UK, Australia, and North America, and is known for demanding exorbitant ransom payments in the nine-figure range.

Experts have pointed out the group’s relationship with Conti, which has led to its classification as one of the spin-off gangs following the downfall of Conti in 2022. Notably, Akira is believed to be responsible for the recent attack on Finnish IT service provider Tietoevry, affecting online services at Swedish government departments and universities.

Tietoevry has stated that the attack was limited to one of its Swedish data centers, and while the incident has been contained, the company remains uncertain about the timeline for full recovery. This underscores the far-reaching impact of ransomware attacks orchestrated by groups such as Akira, which continue to pose a significant threat to organizations and institutions worldwide.

Source link

Latest articles

U.S. Treasury Imposes Sanctions on Chinese Individual and Company for Data Breaches – Source: securityboulevard.com

The recent sanctions imposed by the U.S. Treasury Department on a Chinese individual and...

High School in Britain Targeted by Ransomware Attack

A cyberattack at Blacon High School in Chester has forced the institution to remain...

Scam Yourself attacks: How social engineering is evolving

In the ever-evolving landscape of cybersecurity threats, a new trend has emerged in 2025...

Tabletop Exercise: So geht es | CSO Online

A recent incident involving a ransomware attack has put a major company in a...

More like this

U.S. Treasury Imposes Sanctions on Chinese Individual and Company for Data Breaches – Source: securityboulevard.com

The recent sanctions imposed by the U.S. Treasury Department on a Chinese individual and...

High School in Britain Targeted by Ransomware Attack

A cyberattack at Blacon High School in Chester has forced the institution to remain...

Scam Yourself attacks: How social engineering is evolving

In the ever-evolving landscape of cybersecurity threats, a new trend has emerged in 2025...