Ransomware Attack on Lotz Trucking Inc. by Akira Group: Impact and Vulnerabilities in the Transportation Sector
Incident Date:
April 16, 2024
Overview
Title
Ransomware Attack on Lotz Trucking Inc. by Akira Group: Impact and Vulnerabilities in the Transportation Sector
Victim
Lotz Trucking Inc.
Attacker
Akira
Location
First Reported
April 16, 2024
Ransomware Attack on Lotz Trucking Inc. by Akira Group
Company Profile: Lotz Trucking Inc.
Lotz Trucking Inc., established in 1986 and based in Ottawa, Illinois, is a medium-sized enterprise in the transportation sector, specializing in bulk commodity transportation. With a workforce of 74 employees and an annual revenue of $18 million in 2024, the company provides a range of services using various transportation modalities including flatbeds, vans, hopper bottoms, and dump trailers. Additionally, Lotz Trucking operates a full-service truck repair and maintenance facility known as Lotz Truck Shop.
Details of the Cyber Attack
The Akira ransomware group, known for its affiliation with the defunct Conti ransomware gang, targeted Lotz Trucking Inc. in a sophisticated cyber attack. During this incident, approximately 15 GB of sensitive data was stolen, including confidential agreements, Non-Disclosure Agreements (NDAs), and personal information of employees. The attack highlights the double extortion tactic typical of Akira, threatening both data encryption and leakage.
Vulnerabilities and Industry Impact
The company's digital infrastructure may have been vulnerable to such an attack due to potential lapses in securing their VPNs, a common entry point exploited by Akira. The transportation industry, integral to supply chain operations, often holds vast amounts of sensitive logistical data, making companies like Lotz attractive targets for ransomware attacks.
Sources
- ZoomInfo: Lotz Trucking Inc. Profile
- RocketReach: Lotz Trucking Inc. Revenue Data
- Lotz Trucking Official Website
- Trend Micro: Ransomware Spotlight - Akira
- Sophos News: Akira - The Ransomware That Keeps on Taking
- Tripwire: Akira Ransomware - What You Need to Know
- Trellix: Akira Ransomware Analysis
- IC3: Akira Ransomware Financial Impact Report
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.