Avelina Targeted: Akira Ransomware Attack Exposes Data

Incident Date: May 28, 2024

Attack Overview

VICTIM

Avalina

INDUSTRY

Agriculture

LOCATION

USA

ATTACKER

Akira

FIRST REPORTED

May 28, 2024

Request Removal

Ransomware Attack on Avelina by Akira

Company Overview

Avelina is a multinational company in the food industry, with factories located in the United States, Chile, and Venezuela. They specialize in producing and selling high-quality olive oil and other gourmet food products sourced from the Mediterranean region. Avelina offers a range of olive oils, olives, vinegars, and sauces, providing customers with authentic Mediterranean flavors.

Company Size and Standout

With over 1,500 employees across its three factories, Avelina boasts a significant monthly production capacity of 16,500 tons. The company is renowned for its commitment to quality, social responsibility, and various social programs, focusing on human resources, commercial allies, suppliers, and consumers.

Victim Vulnerabilities

Avelina's prominence in the food industry and its extensive network of suppliers and customers make it an attractive target for threat actors like the Akira ransomware group. The company's large size and substantial production capacity may have made it challenging to secure all entry points, enabling the ransomware group to exploit vulnerabilities in their systems.

Attack Overview

The Akira ransomware group targeted Avelina, leaking 36GB of data that included sensitive information such as client and competitor details, financial documents, and personal data. The group employed double extortion tactics, demanding a ransom for decryption and data deletion to pressure the victim into paying.

Ransomware Group Profile

Emerging in March 2023, Akira is a rapidly growing ransomware family targeting small to medium-sized businesses across various sectors. Known for its double extortion tactics and retro 1980s-style dark web leak site, the group continuously adapts its tactics to target organizations effectively.

Attack Penetration

Akira likely infiltrated Avelina's systems through unauthorized access to VPNs, credential theft, and lateral movement to deploy the ransomware. The group may have exploited vulnerabilities in the company's network security, allowing them to exfiltrate data and encrypt systems to demand ransom.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.