Followmont Transport Hit by Akira Ransomware Attack
Ransomware Attack on Followmont Transport by Akira Group
Followmont Transport Pty Ltd, a leading logistics company in Australia, has fallen victim to a ransomware attack orchestrated by the notorious Akira group. This incident highlights the vulnerabilities faced by companies in the logistics sector, particularly those with extensive data and operational dependencies.
Company Overview
Established in 1984, Followmont Transport is a family-owned business based in Queensland, Australia. The company specializes in express road freight services, catering to both urban and rural areas across Queensland and Northern New South Wales. With a fleet of over 1,000 vehicles and a workforce of approximately 305 employees, Followmont is known for its commitment to customer service and its ability to deliver time-sensitive goods to remote locations. The company reported an annual revenue of $136.6 million, underscoring its significant presence in the logistics industry.
Details of the Attack
The Akira ransomware group claims to have exfiltrated 230 GB of sensitive data from Followmont Transport. The compromised data reportedly includes non-disclosure agreements, passports, driver licenses, medical documents, and financial information. Despite the breach, Followmont's systems remain operational, and the company has taken immediate steps to notify relevant authorities. Followmont is actively monitoring its network and has advised against accessing the threat actor's leak site.
About Akira Ransomware Group
Akira emerged in March 2023 as a Ransomware-as-a-Service (RaaS) entity, employing a double extortion model. The group is known for its sophisticated encryption techniques and potential ties to the former Conti group. Akira targets sectors with high-stakes data, including healthcare, finance, and logistics, using advanced methods to penetrate systems. The group has developed a Rust-based variant for Linux, enhancing its cross-platform capabilities.
Potential Vulnerabilities
Followmont Transport's extensive data and operational dependencies make it an attractive target for ransomware groups like Akira. The company's reliance on digital tools for service delivery and operational efficiency may have exposed vulnerabilities that Akira exploited. The attack underscores the importance of effective cybersecurity measures, particularly for companies with significant data assets and operational reach.
Sources
Disclaimer
The Halcyon Attacks Lookout Database is compiled using publicly available information based on the hosting choices of real-world threat actors and data from a variety of trackers. This information is provided in accordance with principles of fair use. Halcyon has made reasonable efforts to sanitize and verify the data; however, we do not guarantee the accuracy, completeness, or reliability of the information provided. Updates to the database are made as new source data becomes available from reputable sources. By accessing, viewing, or using the information within the Halcyon Attacks Lookout Database, you acknowledge and agree to do so entirely at your own risk. No reliance should be placed upon the information for decision-making, and Halcyon disclaims all liability for any inaccuracies or omissions in the data.
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!