[AKIRA] – Ransomware Victim: Coilplus

AI Generated Summary of the Ransomware Leak Page

Coilplus, a manufacturing company based in the United States, is named as the victim on the leak page. The post, dated November 5, 2025, attributes the incident to the threat actor group ‘akira’ and frames it as a data-leak event rather than a traditional encryption breach. It claims that 14GB of corporate documents will be uploaded soon and enumerates the data categories allegedly compromised: detailed employee information (including complete I-9 forms, Social Security Numbers, driver’s license data, passports, and birth/death certificates), financial records, internal confidentiality agreements, and NDAs. The page presents these materials as evidence of exfiltration and threatens public release of the data; however, no ransom demand or amount is stated in the available text, and there are no visible downloads or screenshots on the page in the provided data.

The leak page shows no images or screenshots and indicates no downloadable content in the record provided, relying instead on textual claims. Overall, the page describes Coilplus as the target of a data-leak operation, with a promised release of roughly 14GB of sensitive corporate information, including personal employee records and confidential documents. The posted date serves as the post date; a compromise date is not provided in the available data.