I saw it at https://www.ransomware.live/id/QXBhY2hlIE9wZW5PZmZpY2VAYWtpcmE=
I'll leave it up to you to decide whether and how to respond, but if we do, I think I'd include: * As an open source organization, transparency is a core principle, and we work in the open as much as possible. We don't think we even have 23GB of private data related to the project, and there are no employee or financial records specific to Apache OpenOffice. We suspect it will contain mainly (or even only) information that is already public. * Worst case they could leak some address information on committers, and prematurely share security reports that we're planning to disclose after releasing the corresponding fixes. * We haven't been contacted about any ransom We should probably ask AOO committers to proactively refresh their credentials, so in case the leak would contain those they're not usable? Kind regards, Arnout On Fri, Oct 31, 2025 at 2:33 AM Brian Proffitt <[email protected]> wrote: > This just came in. I am not convinced this real, so first off, > confirmation that something like this is even possible? > > What data would they even steal? > > BKP > > > Brian Proffitt > VP, Marketing & Publicity > VP, Conferences > > ---------- Forwarded message --------- > From: Waqas <[email protected]> > Date: Thu, Oct 30, 2025, 9:28 PM > Subject: Request for Comment on Akira Ransomware Claim Involving Apache > OpenOffice > To: <[email protected]> > > > Hi Team, > > This is Waqas from Hackread.com, a London, UK based cybersecurity > magazine. We’re covering a developing story in which the Akira ransomware > group has claimed to have breached Apache OpenOffice and stolen around 23GB > of internal data. > > Our report is available here: > https://hackread.com/akira-ransomware-stole-apache-openoffice-data/ > > Could you please confirm whether Apache Software Foundation is aware of > this claim, and if so, whether there is any indication of unauthorized > access or data compromise within your systems? > > If you have an official statement or are planning to release one, I’d > appreciate it if you could share it with us for inclusion in our report. > > Thank you for your time, and I look forward to your response. > > Best regards, > > Waqas > Founder & Editor > HackRead.com <https://www.hackread.com/> > Keybase: w4k4s <https://keybase.io/w4k4s> > Twitter <https://twitter.com/Writerblues> Facebook > <https://www.facebook.com/profile.php?id=100009530089714&fref=ts> > Leeds, United Kingdom > -- Arnout Engelen ASF Security Response Apache Pekko PMC member, ASF Member NixOS Committer Independent Open Source consultant
