Hitachi Vantara, a subsidiary of Japanese multinational conglomerate Hitachi, was pressured to take servers offline over the weekend to comprise an Akira ransomware assault.
The corporate supplies knowledge storage, infrastructure programs, cloud administration, and ransomware restoration companies to authorities entities and among the world’s greatest manufacturers, together with BMW, Telefónica, T-Cell, and China Telecom.
In a press release shared with BleepingComputer, Hitachi Vantara confirmed the ransomware assault, saying it employed exterior cybersecurity consultants to research the incident’s affect and is now engaged on getting all affected programs on-line.
“On April 26, 2025, Hitachi Vantara skilled a ransomware incident that has resulted in a disruption to a few of our programs,” Hitachi Vantara instructed BleepingComputer.
“Upon detecting suspicious exercise, we instantly launched our incident response protocols and engaged third-party material consultants to assist our investigation and remediation course of. Moreover, we proactively took our servers offline so as to comprise the incident.
“We’re working as shortly as attainable with our third-party material consultants to remediate this incident, proceed to assist our prospects, and produce our programs again on-line in a safe method. We thank our prospects and companions for his or her endurance and adaptability throughout this time.”
Hitachi Vantara’s web site beneath upkeep (BleepingComputer)
Whereas the corporate did not hyperlink the assault to a selected menace group, BleepingComputer has realized that the Akira ransomware operation is behind the breach. A supply aware of the matter additionally stated the ransomware gang stole recordsdata from Hitachi Vantara’s community and dropped ransom notes on compromised programs.
BleepingComputer was additionally instructed that whereas the corporate’s cloud companies aren’t impacted, Hitachi Vantara programs and Hitachi Vantara Manufacturing had been disrupted as a part of the containment effort. Moreover, whereas Hitachi Vantara’s distant and assist operations are down, prospects with self-hosted environments can nonetheless entry their knowledge as common.
A second supply instructed BleepingComputer that the assault has additionally affected a number of initiatives owned by authorities entities.
Akira surfaced in March 2023 and shortly gained notoriety after claiming many victims worldwide throughout numerous industries. Since then, Akira has added over 300 organizations to its darkish internet leak web site and claimed a number of high-profile victims, together with Stanford College and Nissan (Oceania and Australia).
In line with the FBI, Akira ransomware collected roughly $42 million in ransom funds till April 2024 after breaching over 250 organizations.
Based mostly on negotiation chats seen by BleepingComputer, the gang’s ransom calls for vary from $200,000 to thousands and thousands of {dollars}, relying on the compromised group’s dimension.
