Hitachi Ventara, a subsidiary of Japanese multinational group Hitachi, was forced to offline servers over the weekends to incorporate the Akira ransomware attack.
The company provides data storage, infrastructure systems, cloud management, and ransomware recovery services to government institutions and some of the largest brands in the world, including BMW, telephonica, T-Mobile and China Telecom.
In a statement shared with the Blapping Computer, Hitachi Ventara confirmed the ransomware attack, saying that it has hired external cyber security experts to investigate the effect of the incident and is now working on receiving all the affected systems online.
“On April 26, 2025, Hitachi Vantara experienced a ransomware incident, resulting in some of our systems disrupted,” Hitachi Vantara told Blapping Computer.
“On detecting suspicious activity, we immediately launched our event response protocol and felt the specialist experts of the subject to support our investigation and therapeutic procedure. In addition, we offered our servers offline to include the incident.
“We continue to support our customers as soon as possible with our third-party themes subject matter experts to overcome this phenomenon, and bring back our system safely online. We thank our customers and partners for their patience and flexibility during this period.”
While the company did not connect the attack to a specific danger group, BlappingCopper has learned that Akira is behind the ransomware operation breech. A source familiar with the case also said that the Rainsmware gang stole files from Hitachi Vantara’s network and dropped ransom notes on the compromised system.
Bleepingcomputer was also reported that while the company’s cloud services are not affected, Hitachi Vantara Systems and Hitachi Vantara were interrupted as part of the attempt to prevent manufacturing. Additionally, while Hitachi Vantara’s remote and support operations are below, customers with self-hosted environment can still access their data as always.
Another source told Bleepingcomputer that the attack has also affected several projects owned by government institutions.
Akira came to light in March 2023 and quickly got infamous after claiming several victims worldwide in various industries. Since then, Akira has added over 300 organizations to her dark web leaked site and claimed several high-profile victims including Stanford University and Nissan (Oceania and Australia).
According to the FBI, Akira Rainmware collected about $ 42 million in the ransom payment by April 2024 after a violation of more than 250 organizations.
Depending on the interaction chats seen by Bleepingcomputer, the ransom demand for the gang ranges from $ 200,000 to millions of dollars to the size of the organization size.
