Hitachi Vantara takes down important systems following Akira ransomware attack

• Hitachi Vantara, a subsidiary of Hitachi, confirmed suffering a ransomware attack
• Working to restore its services, it had to shut down parts of its infrastructure, affecting many clients and services
• The media say this is the work of the Akira ransomware operation

Hitachi Vantara was forced to pull parts of its IT infrastructure offline to counter a ransomware infection. The company confirmed the news in a written statement shared with the media.

Hitachi Vantara is a data infrastructure and analytics company. It is a subsidiary of the Japanese giant Hitachi, and provides storage systems, cloud solutions, and data management software.

Many of its customers are large enterprises from different industries, including finance, healthcare, manufacturing, and government sectors. Lufthansa, Disney, national banks, and government organizations, all use Hitachi Vantara’s services.

Get Keeper Personal for just $1.67/month, Keeper Family for just $3.54/month, and Keeper Business for just $7/month

​Keeper is a cybersecurity platform primarily known for its password manager and digital vault, designed to help individuals, families, and businesses securely store and manage passwords, sensitive files, and other private data.

It uses zero-knowledge encryption and offers features like two-factor authentication, dark web monitoring, secure file storage, and breach alerts to protect against cyber threats.

Preferred partner (What does this mean?)

View Deal

Akira ransomware

In a written statement shared with BleepingComputer, the company said it suffered a ransomware attack that disrupted its network:

"On April 26, 2025, Hitachi Vantara experienced a ransomware incident that has resulted in a disruption to some of our systems," Hitachi Vantara told the publication, stressing that it took down servers to contain the incident, brought in third-party experts to help, and that it’s working “as quickly as possible” to restore its operations.

While it didn’t say who the threat actors were, BleepingComputer claims this is the work of the Akira ransomware operation, citing a source familiar with the matter. The same source also claims the group stole sensitive files from Hitachi Vantara’s network and is requesting a ransom payment.

Hitachi Vantara’s cloud services have dodged a bullet, the publication further said, but added that in order to contain the incident, the company had to disrupt both Hitachi Vantara systems and Hitachi Vantara Manufacturing. On the flipside, customers with self-hosted environments can still access their data.

Akira first emerged in 2023, targeting businesses in different industries with the usual double-extortion tactics. It focuses on medium and large organizations in manufacturing, education, finance, and healthcare, and breaks in through VPN vulnerabilities and stolen credentials. Some of its more notable victims include Nissan Oceania, Stanley Steemer, and Bluefield University.

Via BleepingComputer

You might also like

• Hackers spotted using unsecured webcam to launch cyberattack
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers