Ransomware Group: AKIRA

VICTIM NAME: Druni

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the AKIRA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a company operating in the consumer services sector, specifically offering a wide array of online beauty products such as perfumes, makeup, and cosmetics. The attack was publicly disclosed on July 29, 2025, and appears to involve a significant data breach with over 40 gigabytes of corporate information disclosed. The leaked data reportedly includes sensitive employee files, such as personal identification documents, detailed financial records, project data, customer information, and contractual agreements with notable brands like L’Oréal, Dior, and Chanel. The publicly leaked data could pose considerable risks to the company’s operations and reputation.

The leak indicates the release of internal documents and files which might include confidential corporate information, potentially exposing operational, financial, and strategic details. The leak page also mentions the inclusion of screenshots of internal documents, suggesting a wide breach of sensitive material. Although no direct download links are specified, the presence of shared data emphasizes the severity of the attack. The targeted company is based in Spain, and the attack is attributed to a group called “akira.” The breach’s discovery timestamp aligns with the disclosure date, highlighting the recent nature of this incident. The leaked content could significantly impact the company’s stakeholders and partners if publicly accessed.