The multinational Dutch paint company AkzoNobel has confirmed that hackers breached the network of one of its U.S. sites.
Following a data leak from the Anubis ransomware gang, a company spokesperson said the company contained the intrusion and limited the impact.
“AkzoNobel has identified a security incident at one of our sites in the United States. The incident was limited to the respective site and was already contained,” the company told.
“The impact is limited, and we are taking the appropriate steps to notify and support impacted parties, and will work closely with relevant authorities.”
Anubis Ransomware Claims Large-Scale Data Theft
Meanwhile, Anubis ransomware claims it stole 170GB of data, nearly 170,000 files, from AkzoNobel. The group also leaked samples on its leak site, including screenshots of select documents and a list of the stolen files.
Specifically, the published data contains confidential agreements with high-profile clients, email addresses, phone numbers, private email correspondence, passport scans, material testing documents, and internal technical specification sheets.
AkzoNobel entry on the Anubis ransomware site
Source: BleepingComputer
At the time of writing, the Anubis leak remains only partial. However, AkzoNobel did not share with BleepingComputer whether it engaged with the threat actor.
Anubis Expands Operations in 2025
Notably, Anubis operates as a ransomware-as-a-service (RaaS) platform that launched in December 2024 and offers affiliates 80% of paid ransoms.
Subsequently, in February 2025, the operators launched an affiliate program on the RAMP forum, which boosted the group’s activity and influence in the cybercrime space.
Moreover, in June the same year, Anubis added a data wiper to its arsenal and now destroys victims’ files to prevent recovery.
Source: BleepingComputer, Bill Toulas
Read more at Impreza News
