- Hitachi Vantara, a subsidiary of Hitachi, confirmed to suffer from a ransomware attack
- Working to restore his services, he had to stop parts of his infrastructure, affecting many customers and services
- The media say that it is the work of the Ransomware Akira operation
Hitachi Vantara was forced to draw parts of its offline computer infrastructure to counter Ransomware infection. The company has confirmed the news in a written declaration shared with the media.
Hitachi Vantara is a data infrastructure and analysis company. It is a subsidiary of the Japanese giant Hitachi and provides storage systems, cloud solutions and data management software.
Many of its customers are large companies from different industries, including finance, health care, manufacturing and government sectors. Lufthansa, Disney, national banks and government organizations, all use the services of Hitachi Vantara.
Ransomware Akira
In a written declaration shared with BleepingCompute, the company said it has undergone a ransomware attack that disrupted its network:
“On April 26, 2025, Hitachi Vantara experienced a ransomware incident which led to a disturbance of some of our systems,” said Hitachi Vantara to the publication, stressing that he removed servers to contain the incident, brought his third party experts to help, and that he works “as quickly as possible” to restore his operations.
Although this did not say who were the threat actors, Bleeping Compompute says it is the work of the Ransomware Akira operation, citing a familiar source with the issue. The same source also claims that the group has stolen sensitive files from the Hitachi Vantara network and requests a ransom payment.
The Cloud services of Hitachi Vantara dodged a bullet, said the publication, but added that to contain the incident, the company had to disturb Hitachi Vantara systems and the manufacture of Hitachi Vantara. On the other hand, customers with self-hosted environments can always access their data.
Akira emerged for the first time in 2023, targeting companies in different industries with usual double exposure tactics. It focuses on average and large organizations in manufacturing, education, finance and health care, and interrupts VPN vulnerabilities and stolen references. Some of its most notable victims include Nissan Oceania, Stanley Steemer and Bluefield University.
Via Bleeping Compompute
