Hitachi Vantara takes down important systems following Akira ransomware attack
- Hitachi Vantara, a subsidiary of Hitachi, confirmed suffering a ransomware attack
- Working to restore its services, it had to shut down parts of its infrastructure, affecting many clients and services
- The media say this is the work of the Akira ransomware operation
Hitachi Vantara was forced to pull parts of its IT infrastructure offline to counter a ransomware infection. The company confirmed the news in a written statement shared with the media.
Hitachi Vantara is a data infrastructure and analytics company. It is a subsidiary of the Japanese giant Hitachi, and provides storage systems, cloud solutions, and data management software.
Many of its customers are large enterprises from different industries, including finance, healthcare, manufacturing, and government sectors. Lufthansa, Disney, national banks, and government organizations, all use Hitachi Vantara’s services.
Akira ransomware
In a written statement shared with BleepingComputer, the company said it suffered a ransomware attack that disrupted its network:
“On April 26, 2025, Hitachi Vantara experienced a ransomware incident that has resulted in a disruption to some of our systems,” Hitachi Vantara told the publication, stressing that it took down servers to contain the incident, brought in third-party experts to help, and that it’s working “as quickly as possible” to restore its operations.
While it didn’t say who the threat actors were, BleepingComputer claims this is the work of the Akira ransomware operation, citing a source familiar with the matter. The same source also claims the group stole sensitive files from Hitachi Vantara’s network and is requesting a ransom payment.
Hitachi Vantara’s cloud services have dodged a bullet, the publication further said, but added that in order to contain the incident, the company had to disrupt both Hitachi Vantara systems and Hitachi Vantara Manufacturing. On the flipside, customers with self-hosted environments can still access their data.
Akira first emerged in 2023, targeting businesses in different industries with the usual double-extortion tactics. It focuses on medium and large organizations in manufacturing, education, finance, and healthcare, and breaks in through VPN vulnerabilities and stolen credentials. Some of its more notable victims include Nissan Oceania, Stanley Steemer, and Bluefield University.
Via BleepingComputer
You might also like
Hitachi Vantara, a subsidiary of Hitachi, confirmed suffering a ransomware attack Working to restore its services, it had to shut down parts of its infrastructure, affecting many clients and services The media say this is the work of the Akira ransomware operation Hitachi Vantara was forced to pull parts of…
