Ransomware, Critical Infrastructure Security, Security Staff Acquisition & Development
Conti successor Akira stole 690GB of BHI Energy data

The ransomware group gained initial access to the company through a VPN connection. (Adobe Stock Images)
Ransomware gang Akira spent a month collecting and exfiltrating 690GB of data from the network of BHI Energy, including personal information belonging to more than 91,000 individuals.Details of the hack are set out in a lawyers’ letter disclosing the data breach sent to state regulators including the Office of the Attorney General of Iowa.The threat group gained initial access to the company through a VPN connection using a compromised user account belonging to a third-party contractor. BHI Energy managed to circumvent Akira’s attempt to encrypt parts of its network, but the fate of the stolen data remains unclear.Headquartered in Weymouth, Massachusetts, BHI Energy is a subsidiary of the Westinghouse Electric Company, which provides services and staffing solutions for the energy sector. The Akira gang includes actors previously involved in the once-powerful Conti ransomware group which unraveled in 2022.The data breach disclosure letter included more details about the incident than most organizations disclose after a cyberattack — something Josh Lemon, managed detection and response director for Uptycs, described as a positive development.“The level of detail provided about the compromise is a welcome change and a step in the right direction to provide confidence that BHI Energy knows the full scope of the incident, even if some details aren’t favorable to BHI Energy,” he said.“It’s important that more organizations move to provide this level of detail to be transparent with their customers and provide confidence that details of an incident are thoroughly known.”
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds