Akira Ransomware Group Targets P&C Perfumes & Companhia, Compromising 25GB Data

Incident Date:

June 19, 2024

World map

Overview

Title

Akira Ransomware Group Targets P&C Perfumes & Companhia, Compromising 25GB Data

Victim

P&C - PERFUMES & COMPANHIA, S.A

Attacker

Akira

Location

Lisboa, Portugal

, Portugal

First Reported

June 19, 2024

Ransomware Attack on P&C - Perfumes & Companhia by Akira Group

Company Profile: P&C - Perfumes & Companhia, S.A.

P&C - Perfumes & Companhia, a leading Portuguese retailer in the beauty sector, specializes in luxury perfumes and cosmetics. Established in 1981, the company has expanded its presence with a robust network of physical stores and an online platform, catering to a diverse clientele. Known for its curated selection of high-end products and commitment to customer service, P&C stands out in the competitive beauty market. The company's affiliation with the prestigious LVMH group underscores its market significance and influence.

Details of the Ransomware Attack

The Akira ransomware group, known for its aggressive and sophisticated cyberattacks, recently targeted P&C - Perfumes & Companhia, compromising their data integrity. In this incident, Akira exfiltrated 25 GB of sensitive data, posing severe risks to both the company and its customers. The breach was publicly disclosed on Akira's dark web leak site, marking a significant escalation in the cyber threat landscape faced by the retail sector.

Profile of the Akira Ransomware Group

Akira, emerging in early 2023, has quickly established itself as a formidable player in the cybercrime arena. With ties to the defunct Conti ransomware gang, Akira employs double extortion tactics, demanding ransoms for data decryption and non-disclosure. The group's distinctive approach includes a unique command-based interface on their leak site, enhancing their notoriety in cybercriminal circles.

Potential Vulnerabilities and Attack Vectors

The penetration of P&C's systems could be attributed to several factors typical of retail industry breaches, such as compromised VPN credentials or phishing attacks. Retailers like P&C, with significant online transactions and vast data repositories, are attractive targets for groups like Akira. The integration of physical and digital sales platforms, while beneficial for business, also multiplies the potential entry points for cyber attackers.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.