Ransomware Group: AKIRA

VICTIM NAME: LeasePLUS

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the AKIRA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to LeasePLUS, a prominent provider of novated leasing solutions in Australia operating within the financial services sector. The breach was discovered on July 18, 2025, and involves the imminent upload of 6 GB of sensitive corporate documents. The leaked data reportedly includes personal files of over 2,300 individuals, comprising customers and employees, as well as confidential contracts, NDAs, and various agreements. Such information could potentially expose personal identities and sensitive business details if accessed by malicious entities, although specific PII has been redacted in this summary. The page indicates the threat actors are prepared to release this data publicly, which could have significant implications for the affected parties within the leasing and financial industries. The leak emphasizes cybersecurity vulnerabilities in handling confidential corporate and personal data, especially in sectors managing extensive private records.

The leak includes visual evidence such as screenshots of internal documents, suggesting a breach of internal systems. No download links or explicit details of the leaked files are provided in the public summary. The attack date is noted as July 18, 2025, with the discovery occurring shortly afterward, pointing to recent and active malicious activity targeting LeasePLUS’s IT infrastructure. The incident underscores the mounting risks faced by organizations managing sensitive financial and personal data in Australia, and highlights the ongoing threat landscape for the financial services industry in the context of ransomware threats. While the leak poses significant risks, specific sensitive data and PII have been deliberately omitted to maintain privacy and security during public reporting.