Akira Ransomware Group Claims Breach of Laboratorios Belloch, Exposing Sensitive Data

• The company behind the Nelly, Yunsey, and Fresh Feel hair and beauty brands may have been hit by a cyberattack.
• Akira ransomware announced exfiltrating data on finances, clients, contracts, and more.
• The threat actor claimed to hold approximately 25GB of stolen data, including employee personal documents.

The Akira ransomware group has claimed responsibility for a significant data breach targeting Laboratorios Belloch, a major Spanish manufacturer known for hair and beauty products under brands including Nelly, Yunsey, and Fresh Feel. 

According to statements released by the threat actors on their leak site, the cybercriminal operation allegedly exfiltrated approximately 25GB of highly sensitive corporate data.

The stolen data reportedly encompasses a wide array of confidential materials. This includes detailed project files, comprehensive financial records, client data, contractual documents, internal and external correspondence, as well as personal documents belonging to employees. 

The breadth and depth of the exfiltrated data raise concerns about significant operational, legal, and reputational ramifications for Laboratorios Belloch and its associated brands.

While Laboratorios Belloch has yet to issue a public statement verifying the incident or disclosing specifics regarding the extent of the compromise, the nature of the leaked data suggests exposure of trade secrets and strategic relationships. 

The unauthorized disclosure of such information could result in third-party risks, potential regulatory scrutiny under data protection frameworks like the GDPR, and follow-on attacks that may exploit the leaked data.

Akira Ransomware, active since early 2023, has rapidly established itself within the Ransomware-as-a-Service (RaaS) ecosystem, leveraging tools like LaZagne and Mimikatz for stealing credentials. 

Their operations are characterized by the targeting of companies across Europe and North America that process or store valuable intellectual property and sensitive personal information.

In March, a security expert reverse-engineered the Akira ransomware process via groundbreaking GPU technology and discovered the encryption’s timing mechanism flaws.