[AKIRA] – Ransomware Victim: Sullivan Interests

AI Generated Summary of the Ransomware Leak Page

On October 30, 2025, the Akira ransomware leak concerns Sullivan Interests. The page describes Sullivan Interests as a diversified family of companies providing services across environmental remediation, disaster recovery, health, construction, infrastructure, and industrial sectors throughout North America and beyond. The post frames the incident as a data-leak event rather than a traditional encryption breach and states that roughly 40 GB of corporate documents will be uploaded in the near term. It asserts that the stolen data includes employee personal information such as passports and other identifiers, with addresses and phone numbers redacted in this summary, as well as dates of birth, driver’s license numbers, and Social Security numbers, together with accounting records, contracts and agreements, incident reports, police reports, and related tax forms (W-9). No ransom amount or demand is disclosed on the leak page. The metadata for this entry indicates there are no images or screenshots attached.

From a threat-intelligence perspective, this post signals a data-leak operation with a planned publication of internal documents and potential exposure of employee data. The absence of any stated ransom figure suggests a data-leak-only post at this time, though the downstream risk to individuals and to Sullivan Interests’ operations remains significant due to the exposure of personal and financial information. The post is dated October 30, 2025, which serves as the publish date since no compromise date is provided on the page. The leak entry contains no images or screenshots according to the accompanying metadata, and no external links are evident. The actor behind the post is identified as Akira in the leak metadata.