[AKIRA] – Ransomware Victim: Mecanex USA

AI Generated Summary of the Ransomware Leak Page

On November 3, 2025, a leak post attributed to the AKIRA group targets Mecanex USA, a U.S. manufacturing entity. The post frames Mecanex USA as a U.S. subsidiary within a larger aviation organization and states that the attackers intend to upload 24 GB of corporate documents in the near term, signaling a data-exfiltration event rather than a purely encrypted incident. The material described as exposed includes sensitive employee information (such as social security numbers, passport data, driver’s license numbers, phone numbers, and home addresses), confidential military information, a large collection of contracts and agreements (including military contracts), information on how to work with explosive materials, and NDAs. Taken together, the post emphasizes a potential data-leak scenario with significant risk to personnel privacy and defense-related materials.

The post does not provide any screenshots or images, and there is no stated ransom amount or demand in the posted content. The temporal marker available is the post date, which is November 3, 2025; no compromise date is disclosed, so this date is treated as the post date. The content centers on the manufacturing sector in the United States and underscores the risk that employee PII and confidential materials—some of which may be sensitive or defense-related—could be released publicly. There are no visible download links or corroborating files within the post, suggesting the attackers’ data-release timeline is the primary claim at this stage.