Ransomware Group: AKIRA

VICTIM NAME: Del Corona & Scardigli Canada

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the AKIRA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The recent ransomware leak affected Del Corona & Scardigli Canada, a company specializing in logistics services such as air, sea, and land transportation, as well as warehouse and distribution solutions within Canada. The breach resulted in the unauthorized exposure of approximately 15 gigabytes of corporate data. The compromised information includes sensitive employee details such as date of birth, addresses, and phone numbers, along with financial records like audits, payment reports, contractual documents, and correspondence. The leak also contained extensive client data, including contracts and nondisclosure agreements. The incident was publicly disclosed on May 29, 2025, and the threat actors have claimed responsibility, indicating their intent to upload and publicly release the stolen data. There are indications that the attackers are maliciously exposing internal company information, which can have severe operational and reputational impacts if exploited.

The leak page features no specific visual content or screenshots, but it references a significant volume of confidential business documentation. The attacker group identified as “akira” has announced their breach in a publicly accessible leak site, providing no direct download links but suggesting that the data is available or will be made available. The activity involved appears targeted at exposing the victim’s internal corporate and client data, potentially to coerce or pressure the company into complying with ransom demands. The incident underscores the importance of cybersecurity measures in the logistics sector, where the exposure of such data could lead to operational disruptions or security vulnerabilities. The city or regional scope is Canadian, and the nature of the information suggests a focus on international trade and logistics services.