Akira Ransomware, a notorious ransomware group, has claimed responsibility for a cyber attack on Regency Media, a now-defunct Australian media company. This incident highlights the often-overlooked security risk of cyber attacks on closed businesses. The ransomware gang published details of the attack on its dark web leak site.
Regency Media, which produced discs, VHS tapes, and audio cassettes for Australian entertainment companies, dissolved in 2023. Despite this, Akira Ransomware claims to have stolen over 16 GB of sensitive data.
“We are ready to upload more than 16 GB of essential corporate data such as: NDAs, driver’s licenses, passports, contact numbers and email addresses of employees and customers, financial data (audits, payment details, reports), etc,” the group stated.
The veracity of Akira’s claims remains unverified. However, the incident underscores a significant cybersecurity challenge. Data often persists on legacy systems even after a company ceases operations, making defunct firms vulnerable to ransomware attacks.
Christiaan Beek, Rapid7’s senior director of threat analytics, commented on the implications:
“This scenario highlights a critical challenge in cyber security: the risks posed by unmanaged legacy data when businesses shut down. Even after closure, sensitive data often remains on servers or cloud systems that can become easy targets for attackers, especially if they’re no longer monitored or secured.”
This isn’t an isolated incident. In November 2023, the INC Ransomware gang targeted Nicholsons Solicitors, a Brisbane-based law firm, exfiltrating potentially 250 gigabytes of data, including client correspondence, court documents, and financial details.
To mitigate such risks, Beek recommends a thorough data inventory before business closure. He emphasizes the importance of securely wiping or encrypting systems and entrusting retained data to a responsible custodian or third party.
“Without these steps, legacy data can linger as a liability, with no clear accountability. This incident underscores the need for greater awareness and stronger frameworks to manage residual data post-closure,” Beek concluded.
The Akira Ransomware attack serves as a stark reminder of the enduring threat of ransomware and the importance of robust data security practices, even after business closure.
