Ransomware Group: AKIRA

VICTIM NAME: AMS Paving

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the AKIRA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to AMS Paving, Inc., a construction company based in the United States that has been operating since 1981. The incident was discovered on June 5, 2025, and involved the unauthorized access to a significant volume of corporate data. The compromised data includes approximately 17 gigabytes of sensitive information such as employee personal details, contracts, client data, financial records, and payment information. The leak indicates an ongoing threat to the company’s confidential information, with the attackers threatening to upload and potentially release the entire dataset. The page includes references to stolen data and mentions the potential public exposure of internal documents, highlighting the seriousness of the breach for AMS Paving.

The leak post does not specify the exact date of the breach but confirms the compromise occurred on June 5, 2025. The targeted data encompasses personal employee identifiers such as driver’s licenses, dates of birth, and addresses, along with sensitive financial and contractual records—posing significant risks regarding privacy and data security. The incident is associated with the hacker group “akira” and features screenshots related to the leaked data. Although no direct download links or leaks are publicly shared, the threat of exposure remains active, with the potential for substantial impact on the company’s reputation and operations. The breach underscores the importance of cybersecurity measures within the construction industry, especially for companies handling extensive confidential data.