Ransomware Group: AKIRA

VICTIM NAME: Heierli

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the AKIRA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware incident targeted Heierli, a company based in Switzerland involved in project planning, construction management, and civil engineering consulting. The attack was publicly disclosed on April 15, 2025, and the breach was discovered on the same day, indicating timely detection. The threat actors claim to have access to over 92 GB of critical company data, including contact information, financial documents, audits, reports, and nondisclosure agreements. Such data leaks could significantly impact the company’s operations and reputation if released. No personal employee data or third-party information was reported to be compromised at this time.

The leaked data appears to contain sensitive corporate documents that may pose risks such as targeted fraud, identity theft, or disruption of business activities. The attack group has indicated their readiness to release this information, but specific details or direct download links are not provided publicly. The incident was associated with an actor group identified as “akira,” suggesting coordinated cybercriminal activity. The cybersecurity status indicates no known involvement of third parties or external users at the moment. The incident highlights the ongoing threat of ransomware campaigns targeting infrastructure and construction industries in Switzerland and underscores the importance of cybersecurity preparedness.