Avelina Targeted: Akira Ransomware Attack Exposes Data

Incident Date:

May 28, 2024

World map



Avelina Targeted: Akira Ransomware Attack Exposes Data






Doral, USA

Florida, USA

First Reported

May 28, 2024

Ransomware Attack on Avelina by Akira

Company Overview

Avelina is a multinational company in the food industry, with factories located in the United States, Chile, and Venezuela. They specialize in producing and selling high-quality olive oil and other gourmet food products sourced from the Mediterranean region. Avelina offers a range of olive oils, olives, vinegars, and sauces, providing customers with authentic Mediterranean flavors.

Company Size and Standout

With over 1,500 employees across its three factories, Avelina boasts a significant monthly production capacity of 16,500 tons. The company is renowned for its commitment to quality, social responsibility, and various social programs, focusing on human resources, commercial allies, suppliers, and consumers.

Victim Vulnerabilities

Avelina's prominence in the food industry and its extensive network of suppliers and customers make it an attractive target for threat actors like the Akira ransomware group. The company's large size and substantial production capacity may have made it challenging to secure all entry points, enabling the ransomware group to exploit vulnerabilities in their systems.

Attack Overview

The Akira ransomware group targeted Avelina, leaking 36GB of data that included sensitive information such as client and competitor details, financial documents, and personal data. The group employed double extortion tactics, demanding a ransom for decryption and data deletion to pressure the victim into paying.

Ransomware Group Profile

Emerging in March 2023, Akira is a rapidly growing ransomware family targeting small to medium-sized businesses across various sectors. Known for its double extortion tactics and retro 1980s-style dark web leak site, the group continuously adapts its tactics to target organizations effectively.

Attack Penetration

Akira likely infiltrated Avelina's systems through unauthorized access to VPNs, credential theft, and lateral movement to deploy the ransomware. The group may have exploited vulnerabilities in the company's network security, allowing them to exfiltrate data and encrypt systems to demand ransom.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.