January 26, 2024 at 07:31AM
The Akira ransomware gang claims responsibility for a cyber incident at a UK bath bomb merchant, stealing 110GB of data. Staff-related and company documents, including passport scans, were accessed, with threats to publish soon. The company, Lush, acknowledged the incident and is cooperating with forensic experts. Akira’s ransom tactics and previous attacks are highlighted.
Based on the meeting notes, the key takeaways are:
1. The Akira ransomware gang has claimed responsibility for a cybersecurity incident at a British bath bomb merchant, Lush.
2. Akira has allegedly stolen 110 GB of data from Lush, including a lot of personal documents such as passport scans, company documents related to accounting, finances, tax, projects, and clients.
3. There is no evidence to suggest customer data was exposed.
4. Akira has a retro-vibe website where they separate victims into different sections based on ransom payment status.
5. Lush acknowledged the incident and is working with outside forensic experts to investigate the issue.
6. A staff member claimed that employees were instructed to send their laptops to head office for “cleaning.”
7. Akira has been observed engaging in both ransomware attacks and extortion with their victims.
8. Akira targets organizations primarily in the UK, Australia, and North America, and demands “outrageous ransom payments.”
9. The group is believed to be highly experienced and skilled, with a relationship to the Conti ransomware operation.
These takeaways provide a clear understanding of the situation and its potential impacts on Lush and the broader implications of Akira’s activities.