American Steel & Aluminum Co., Inc. has allegedly fallen victim to the Akira ransomware group.
This malicious group, known for its relentless attacks on various sectors, has claimed access to a staggering 70GB of American Steel & Aluminum’s data, including sensitive project information, financial documents, and employee details.
The American Steel & Aluminum data breach was made public on the dark web channel operated by the threat actors on September 14, 2023.
At present, the American Steel & Aluminum security breach remains unconfirmed. The threat actors have issued a breach announcement but have not provided any sample data with their statements.
However, considering the recent cyber attack cases involving the Akira ransomware group, the claims for the American Steel & Aluminum data breach cannot be eliminated.
American Steel & Aluminum data breach explained
If it’s true, the American Steel & Aluminum data breach will put a lot of pressure on the company as the stolen data can be used to target victims in the government and non-government sectors.
However, the threat actor have not listed the exact names of the files, folders, and documents.
The Cyber Express has also reached out to the company to learn more about this alleged American Steel & Aluminum data breach. We will update this report once we receive an official statement or response from the company.
Regrettably, this incident involving American Steel & Aluminum is not an isolated case within the industry.
Another major player in the sector, Reliance Steel & Aluminum & Co., recently experienced a similar breach.
Suspecting unauthorized activity within their information network, Reliance Steel & Aluminum & Co. initiated an investigation that confirmed an unauthorized actor had accessed specific network systems.
American Steel & Aluminum Data Breach and Recent Cyber Attacks
During this unauthorized access period, private data from Reliance Steel & Aluminum & Co. systems was compromised, affecting many individuals.
The extent to which this private information has been exploited for criminal purposes remains unknown. It is worth noting that the full impact of such data breaches often unfolds over months or even years.
Reliance Steel & Aluminum & Co. has begun notifying affected individuals and has also engaged with state authorities to ensure public protection against potential misuse of the stolen data.
Notorious for its activities, the Akira ransomware group has emerged as a significant threat actor targeting the steel and aluminum industry and the broader health sector worldwide.
Federal authorities have warned the health sector about the imminent threats posed by Akira, a ransomware-as-a-service group that surfaced approximately six months ago.
Akira’s modus operandi involves double-extortion attacks, encompassing data theft followed by ransomware encryption.
The threat actor has been observed employing phishing emails, malicious websites, drive-by download attacks, and Trojans to infiltrate its targets.
Notably, researchers have detected similarities between Akira and the disbanded Conti ransomware group, such as code overlap, the use of ChaCha 2008 encryption, and key generation methods resembling those used by Conti.
Moreover, Akira shares commonalities with Conti regarding directory exclusions during encryption and cryptocurrency wallets used for transactions.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
