The notorious Akira ransomware group announced on October 29, 2025, that it successfully breached the systems of Apache OpenOffice<\/a>, exfiltrating a staggering 23 gigabytes of sensitive corporate data.<\/p>\n The group, known for its aggressive double-extortion tactics, posted details on its dark web leak site, threatening to release the information unless a ransom is paid. This incident underscores the escalating risks facing even non-profit software foundations in an era of sophisticated cyber threats.\u200b<\/p>\n Apache OpenOffice, a cornerstone of free office productivity tools developed under the Apache Software Foundation<\/a>, has long served as an accessible alternative to proprietary suites like Microsoft Office.<\/p>\n The software includes Writer for word processing, Calc for spreadsheets, Impress for presentations, Draw for vector graphics, Base for databases, and Math for formulas, supporting over 110 languages across Windows, Linux, and macOS platforms.<\/p>\n With millions of users worldwide, including in education and small businesses, the project relies on volunteer contributors and community funding. The alleged breach does not appear to compromise the public download servers, leaving end-users\u2019 installations safe for now.\u200b<\/p>\n According to Akira\u2019s post, the stolen data encompasses highly personal employee records, including physical addresses, phone numbers, dates of birth, driver\u2019s licenses, Social Security numbers, and credit card details.<\/p>\n Financial records, internal confidential documents, and extensive reports detailing application bugs and development issues are also purportedly included in the haul.<\/p>\n The group boasted, \u201cWe will upload 23 GB of corporate documents soon,\u201d highlighting the breadth of the intrusion into the foundation\u2019s operational backbone.\u200b<\/p>\n As of November 1, 2025, the Apache Software Foundation has neither confirmed nor denied the breach, with spokespeople declining immediate comment to cybersecurity outlets.<\/p>\n Independent verification remains elusive, raising questions about whether the data is fresh or repurposed from prior leaks. If authentic, the exposure could fuel identity theft and phishing campaigns targeting staff, though the open-source nature of OpenOffice limits direct risks to the software\u2019s codebase.\u200b<\/p>\n Akira<\/a>, a ransomware-as-a-service operation that surfaced in March 2023, has amassed tens of millions in ransoms through hundreds of attacks across the U.S., Europe, and beyond.<\/p>\n Specializing in data exfiltration before encryption, the group deploys variants for Windows and Linux\/ESXi environments, even hacking victim webcams for added leverage.<\/p>\n Communicating in Russian on underground forums, Akira notably spares systems with Russian keyboard layouts, hinting at geopolitical selectivity.\u200b<\/p>\n This incident comes during a rise in ransomware attacks targeting open-source projects, leading to calls for enhanced security in volunteer-driven ecosystems.<\/p>\n Organizations using Apache OpenOffice are advised to monitor for unusual activity and ensure data backups are isolated. As Akira\u2019s listing persists without resolution, the cybersecurity world watches closely for proof\u2014or fallout\u2014that could reshape trust in collaborative software development.\u200b<\/p>\n Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n The post Akira Ransomware Allegedly Claims Theft of 23GB in Apache OpenOffice Breach<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nDetails of the Alleged Breach<\/strong><\/h2>\n
![\"\"](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhhOTKHAd9SIyiVzdiKOdVYiymy0nQnu68G2ILounzVoUvuS-RfuquTQuprD091hfX0bLBont937WVpnC9fiaLCAmtQFlaBwNMrs8s_1686qc4hyphenhyphenJbkrclCii6JlCkUdcZlz33MjSpIHX-qE2qPAezEiizmDHIQW-4TTaEfm5t0ygYQZWkrTcD9gCEVnqe6\/s16000\/Alleged%2520Claim.webp?ssl=1\")
<\/figure>\n