US Energy Firm Shares How Akira Ransomware Hacked its Systems

US energy services firm BHI Energy has provided detailed information on how the Akira ransomware gang breached their network and stole data. The attack began when the threat actors used stolen VPN credentials to access BHI Energy's internal network. They conducted reconnaissance and stole 767k files containing 690 GB of data, including BHI's Windows Active Directory database. The ransomware was deployed on June 29, but BHI was able to recover their systems without paying a ransom. However, personal information of employees, including names, dates of birth, Social Security Numbers, and health information, was stolen. The Akira ransomware gang has not yet leaked this data. BHI has taken steps to enhance security measures and is offering identity theft protection services to affected individuals.