Apache OpenOffice Denies Ransomware Gang’s Breach Claims
▼ Summary
– The Apache Software Foundation denies claims of an Akira ransomware attack on its OpenOffice project, despite the gang’s assertion of stealing 23 GB of corporate documents.
– Akira ransomware claimed to have breached Apache OpenOffice and stolen employee, financial, and internal files, which they threatened to leak.
– The Apache Software Foundation states it does not possess the types of data described in the claim, as OpenOffice contributors are unpaid and the project operates openly.
– An investigation by the Foundation found no evidence of a breach, and no ransom demand has been reported to them.
– There is currently no proof of a system compromise, and Akira has not released any of the allegedly stolen data.
The Apache Software Foundation has firmly denied allegations made by the Akira ransomware group concerning a security breach of its OpenOffice project. This widely used, free office suite, which provides tools for word processing, spreadsheets, presentations, and more, remains a trusted resource for users across different operating systems. The foundation is actively investigating the claims but has found no proof of any compromise.
On October 30, the Akira ransomware gang posted an entry on its data leak site asserting it had infiltrated Apache OpenOffice and exfiltrated 23 GB of corporate documents. According to their statement, the stolen data reportedly included employee details such as addresses, phone numbers, dates of birth, driver’s licenses, Social Security numbers, and credit card information, along with financial records and confidential internal files. They also claimed to possess numerous reports detailing application problems.
Despite these assertions, the Apache Software Foundation responded by stating it has no knowledge of such an incident. A spokesperson explained that the foundation takes security seriously but has not received any ransom demand. Crucially, they emphasized that Apache OpenOffice operates as an open-source project with unpaid contributors, meaning the foundation does not store the types of sensitive employee or financial data described by the hackers.
Because the project’s development occurs transparently through public mailing lists, discussions about bugs and feature requests are already accessible to everyone. This open model makes it unlikely that the kind of proprietary internal documents cited by Akira even exist within the project’s infrastructure.
To date, the foundation’s internal review has uncovered no signs of unauthorized access. Law enforcement and external cybersecurity experts have not been contacted, as the investigation has not revealed any credible evidence of a breach. Furthermore, the Akira group has not released any of the data it claims to have stolen, lending support to the foundation’s position that the allegations are unfounded.
(Source: Bleeping Computer)
