Ransomware Group: AKIRA

VICTIM NAME: Selenis (Evertis)

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the AKIRA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak page pertains to a cybersecurity incident involving a manufacturing company identified as Selenis, part of the IMG Group, based in Portugal. The incident was discovered on May 8, 2025, and involves the threat actors claiming to have exfiltrated over 70GB of confidential corporate data. The compromised information reportedly includes sensitive client personal details, such as passports, medical records, drivers’ licenses, court files, financial data, and non-disclosure agreements. The threat actor has provided a magnet link, enabling the download of the stolen data via torrent clients, emphasizing the availability of unprotected archives. The page also indicates recent website updates, likely related to the ongoing situation, and showcases screenshots of internal documents, underscoring the seriousness of data exposure.

The targeted company operates within the manufacturing sector and has a global presence, although specific details about the extent of the breach remain limited. The threat actor claims to have uploaded the data to facilitate public access, with instructions for retrieving the information using common torrent platforms. No personally identifiable details of victims or employees are disclosed on the leak page, adhering to content sanitization standards. The presence of screenshots depicting internal documents suggests a potential internal compromise, raising concerns about operational security and data protection. This incident underscores the growing risks faced by industrial firms and highlights the importance of robust cybersecurity measures in safeguarding sensitive corporate and client information.