Akira Ransomware Group Targets P&C Perfumes & Companhia, Compromising 25GB Data
Incident Date:
June 19, 2024
Overview
Title
Akira Ransomware Group Targets P&C Perfumes & Companhia, Compromising 25GB Data
Victim
P&C - PERFUMES & COMPANHIA, S.A
Attacker
Akira
Location
First Reported
June 19, 2024
Ransomware Attack on P&C - Perfumes & Companhia by Akira Group
Company Profile: P&C - Perfumes & Companhia, S.A.
P&C - Perfumes & Companhia, a leading Portuguese retailer in the beauty sector, specializes in luxury perfumes and cosmetics. Established in 1981, the company has expanded its presence with a robust network of physical stores and an online platform, catering to a diverse clientele. Known for its curated selection of high-end products and commitment to customer service, P&C stands out in the competitive beauty market. The company's affiliation with the prestigious LVMH group underscores its market significance and influence.
Details of the Ransomware Attack
The Akira ransomware group, known for its aggressive and sophisticated cyberattacks, recently targeted P&C - Perfumes & Companhia, compromising their data integrity. In this incident, Akira exfiltrated 25 GB of sensitive data, posing severe risks to both the company and its customers. The breach was publicly disclosed on Akira's dark web leak site, marking a significant escalation in the cyber threat landscape faced by the retail sector.
Profile of the Akira Ransomware Group
Akira, emerging in early 2023, has quickly established itself as a formidable player in the cybercrime arena. With ties to the defunct Conti ransomware gang, Akira employs double extortion tactics, demanding ransoms for data decryption and non-disclosure. The group's distinctive approach includes a unique command-based interface on their leak site, enhancing their notoriety in cybercriminal circles.
Potential Vulnerabilities and Attack Vectors
The penetration of P&C's systems could be attributed to several factors typical of retail industry breaches, such as compromised VPN credentials or phishing attacks. Retailers like P&C, with significant online transactions and vast data repositories, are attractive targets for groups like Akira. The integration of physical and digital sales platforms, while beneficial for business, also multiplies the potential entry points for cyber attackers.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.