[AKIRA] – Ransomware Victim: E-First Aid Supplies

AI Generated Summary of the Ransomware Leak Page

On November 5, 2025, E-First Aid Supplies, a United States–based organization in the healthcare sector, appears on a ransomware leak page as a victim. The post frames the incident as a data-leak event and states that the attackers intend to upload more than 14 GB of internal corporate documents, including information related to employees, customers, financials, and other confidential files. There is no explicit ransom demand or encryption claim in the visible text, suggesting the post emphasizes data exfiltration and potential public disclosure rather than an active encryption event.

As of the post date, the leak page shows no visible screenshots or attachments. Metadata indicates zero images, no downloads, and no links on the page. The description’s plan to release a large corpus of internal documents implies forthcoming data exposure, rather than an already completed encryption event. Since no compromise date is provided, the published date (November 5, 2025) is treated as the post date for reporting purposes.

The victim name is retained for reporting in this CTI write-up, while other company names mentioned in the leak description are not the focus here. If realized, the promised 14 GB data dump could encompass employee and customer information, financial records, and other confidential materials, potentially triggering privacy, regulatory, and reputational risks for a healthcare organization in the United States. Stakeholders should monitor for updates from the leak page and prepare appropriate data governance and incident response actions in anticipation of any disclosed material.