[AKIRA] – Ransomware Victim: Nobu Restaurants

AI Generated Summary of the Ransomware Leak Page

On November 5, 2025, Nobu Restaurants, a US-based brand in the hospitality and tourism sector, is named as a victim in a ransomware leak post attributed to the threat actor group ‘akira.’ The post frames the incident as a data-leak event and states that the attackers plan to upload more than 71 GB of corporate documents. It enumerates the data types it claims to have obtained or will obtain, including employee and owner information (passports, driver’s licenses, and other personal identifiers), detailed financials, confidential files, and NDA documents. There is no explicit ransomware encryption claim or ransom figure shown in the excerpt; the content centers on potential data disclosure and extortion through data release. The leak page carries a post date of 2025-11-05, which is used as the post date in the absence of a disclosed compromise date.

Metadata indicates there are no screenshots or images accompanying the post, and there are no downloadable attachments. The narrative centers on Nobu Restaurants and the promised release of internal documents, which would involve sensitive personal data and confidential corporate information if realized. In line with privacy considerations, the summary redacts personal identifiers referenced by the post (such as passport and driver’s license data) while preserving the victim name. The overall posture signals a data-leak risk with potential reputational, privacy, and regulatory implications for Nobu Restaurants and the hospitality sector more broadly.