Akira Ransomware Hits ETC Companies Exposing Sensitive Data

Incident Date: Oct 02, 2024

Attack Overview

VICTIM

ETC Companies

INDUSTRY

Construction

LOCATION

USA

ATTACKER

Akira

FIRST REPORTED

October 2, 2024

Request Removal

Ransomware Attack on ETC Companies by Akira Group

ETC Companies, a leading general contractor based in Ramsey, New Jersey, specializing in large-scale affordable housing projects, has fallen victim to a ransomware attack by the notorious Akira group. The attack, which has been claimed on Akira's dark web leak site, reportedly involves the exfiltration of approximately 10 GB of sensitive data, potentially compromising project details, client information, and internal communications.

About ETC Companies

ETC Companies has established itself as a prominent player in the affordable housing sector, with a portfolio of over 125 projects valued at more than $1 billion. The company is renowned for its expertise in tenant-in-place rehabilitations and tenant relocation initiatives, emphasizing quality workmanship and project management. With a workforce of 20 to 49 employees, ETC Companies is committed to meeting deadlines and minimizing unexpected costs, which are critical in the affordable housing industry.

The company's operational philosophy includes maintaining strong relationships with residents during rehabilitation efforts and adhering to regulatory compliance and safety standards. This focus on community welfare and operational efficiency has earned ETC Companies a strong reputation in the construction industry.

Details of the Attack

The Akira ransomware group has claimed responsibility for the attack on ETC Companies, asserting that they have successfully infiltrated the company's systems. The breach poses significant risks, potentially exposing confidential project details and sensitive client information. The attack highlights the vulnerabilities faced by companies in the construction sector, which may not always prioritize cybersecurity measures.

Profile of Akira Ransomware Group

Akira is a ransomware variant that emerged in March 2023, known for its sophisticated attack methods and extensive targeting capabilities. The group employs a hybrid encryption scheme and utilizes various distribution methods, including exploiting vulnerabilities in VPN software and using compromised login credentials. Akira operates using a double-extortion model, exfiltrating sensitive information before demanding a ransom.

Akira distinguishes itself by its aggressive tactics and focus on larger organizations across various sectors, including education, finance, and healthcare. The group has been linked to the now-defunct Conti ransomware group, complicating tracking efforts due to shared methodologies and tools.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.