AkzoNobel confirmed a contained security incident at one of its U.S. sites after the Anubis ransomware gang leaked samples claiming to have stolen 170GB of data, including confidential agreements, passport scans, and internal technical documents. The company says the impact is limited, is notifying and supporting impacted parties, and is working with relevant authorities while Anubis continues to post stolen files. #AkzoNobel #AnubisRansomware
Keypoints
- AkzoNobel identified a security incident at a U.S. site that it says has been contained.
- Anubis ransomware claims to have stolen 170GB and nearly 170,000 files and has posted sample leaks.
- Leaked materials include confidential client agreements, emails, phone numbers, passport scans, and technical specification sheets.
- Anubis operates as a ransomware-as-a-service (RaaS) launched in December 2024, launched an affiliate program in February 2025, and added a data wiper in June 2025.
- AkzoNobel reports limited impact, is notifying affected parties, and will cooperate with authorities.