Summary
On October 2, 2025, the ransomware group Akira publicly claimed responsibility for an attack targeting Xebec Building, a U.S.-based company specializing in design and construction services. According to the threat actor’s post, they plan to release sensitive corporate data unless negotiations are initiated.
Incident Report
| Field | Details |
|---|---|
| Target | Xebec Building |
| Domain | Not specified |
| Country | USA |
| Attacking Group | Akira |
| Date Reported | October 2, 2025 |
| Threat Actor Statement | “We are going to upload corporate data soon. Detailed employee information (Name, DOB, DLs and other docs), financial and accounting files, clients and customers information, contracts and agreements, projects, lots of policies, etc.” |
About Xebec Building
Xebec Building is a premier design build and general construction firm, offering its services throughout major Los Angeles and Southern California submarkets. The company is renowned for its innovative construction solutions and commitment to quality.
About Akira
The Akira group is known for its cyber attacks targeting various industries. Their operations typically involve ransomware attacks, where they encrypt sensitive data and demand a ransom for decryption.
Proactive Response to Ransomware Threats
Organizations must stay vigilant against ransomware threats by implementing robust cybersecurity measures. Darkweb monitoring is crucial for early detection of potential threats and data leaks. Regularly check your domain for breaches using tools like the Email Breach Checker to safeguard your company’s sensitive information.
Recommendations
- Monitor your domains and email addresses for exposure using reputable threat intelligence tools.
- Conduct a full compromise assessment and incident response drill internally.
- Verify backups and ensure they are offline and ransomware-resistant.
- Educate staff on phishing, social engineering, and lateral movement techniques used by groups like Qilin.
- Engage with cyber forensics and legal counsel before initiating contact with threat actors.
Check Your Exposure
Wondering if your organization or employees are impacted by recent breach activity?
-
Check domain-wide breach exposure:
mspdarkintel.com/domain-breach-scan -
Check if an email was breached:
mspdarkintel.com/email-breach-scan
Disclaimer
The MSPDarkIntel team does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information.
All breach data reported here is sourced from publicly available threat intelligence feeds for awareness and early-warning purposes only.
Our goal is to inform organizations of emerging threats so they can take timely defensive action.
Table of Contents
