Ransomware Group: AKIRA

VICTIM NAME: Burt Process Equipment

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the AKIRA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

On August 21, 2025, Burt Process Equipment, a United States-based manufacturing company described as a leader in environmentally responsible water and natural resource use, is identified as a victim on a ransomware leak page. The post frames the event as a data-leak incident rather than an encryption breach and claims that sensitive corporate information has been exfiltrated. The leak page lists Burt Process Equipment’s industry and country and indicates that data exposure will continue with a broader release. A claim URL is indicated on the page, though the actual link is not reproduced here. The post date is 2025-08-21; no compromise date is stated on the page. There are no screenshots or images on the leak page.

The page states that about 19 GB of Burt Process Equipment’s corporate files will be uploaded. The data set described includes personal employee data (dates of birth, addresses, Social Security numbers, phone numbers, and email addresses), HR files, and detailed financial and accounting information (including customer files, employee financial data, and payment details), as well as numerous scanned documents, agreements and contracts, and NDAs. This points to a significant risk to employees and the company due to exposure of sensitive personal and financial information. There are no images or screenshots on the page, and no ransom amount is disclosed in the text. The post date remains August 21, 2025, and there is no stated compromise date on the leak page.