[AKIRA] – Ransomware Victim: Soapy Joe’s Car Wash

AI Generated Summary of the Ransomware Leak Page

On November 6, 2025, a leak post attributed to the akira ransomware group identifies Soapy Joe’s Car Wash as a victim of a ransomware incident. Soapy Joe’s Car Wash is described as a United States–based consumer services business, noted as “Voted Best Car Wash in San Diego” and a Guinness World Record holder. The post states that the attackers plan to upload more than 40 GB of corporate documents and claims they have obtained personal information of all employees, including phones, addresses, driver’s licenses, passports, almost 2,000 Social Security numbers, and medical information. It also references detailed financials, confidential files, contracts and NDAs, partner information, and other sensitive materials.

The leak page appears to frame this as a data-leak scenario, with the promise of additional material being released. There is no explicit ransom amount or encryption status described in the posted content. The post date is November 6, 2025; no compromise date is provided, so this date is treated as the post date. The page shows no screenshots or images, and there are no direct download links presented.

In summary, Soapy Joe’s Car Wash is presented as a victim of a data-exfiltration operation, with the attackers claiming access to broad employee PII and confidential corporate data and threatening the release of more than 40 GB of documents. The post attributes the incident to the akira group and emphasizes risk to employees and the company’s confidential information. The leak page does not include a ransom figure within the posted content and contains no visual artifacts such as screenshots.