Ransomware Group: AKIRA

VICTIM NAME: Lundberg Design

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the AKIRA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

On August 14, 2025, a leak post attributed to the AKIRA group identifies Lundberg Design, a United States–based architectural practice, as a victim of a ransomware-related data-leak operation. The firm is described as delivering a broad portfolio spanning residential, commercial, and public spaces, including design work for restaurants, hotels, and retail environments. The post frames the incident as a data-leak rather than a conventional encryption event and claims that the attackers have exfiltrated, or intend to publish, a substantial volume of corporate data. The post date is explicitly listed as August 14, 2025 (the publication date); no compromising date is provided in the data beyond this post date. The leak page notes a claim URL associated with the post, though the actual address is not shown in the metadata.

According to the leak, the attackers claim access to over 91GB of Lundberg Design’s documents, including financial data (audits, payment details, financial reports, invoices) and internal records containing personal data related to employees and customers, along with confidential information and NDAs. The page suggests this data could be released publicly or made available for download, consistent with double-extortion ransomware operations. The metadata reports no images or downloads on the page and does not provide a ransom amount. The victim is listed as United States-based; the industry field is not specified in the metadata, though the descriptive text characterizes the firm’s work in architectural design. All personal data references are sanitized in this summary; the page contains no additional media beyond a defanged claim URL.