The Apache OpenOffice project has come under scrutiny after the Akira ransomware group claimed to have carried out a cyberattack and stolen 23 gigabytes of internal data.
However, the organization overseeing the development of the office suite disputes the veracity of these claims, citing a lack of evidence of a data leak and a discrepancy with the actual structure of the project.
Information about the alleged attack appeared on the Akira leak website on October 30. The attackers claimed to have accessed internal reports, financial documents, and personal data, including addresses, phone numbers, driver’s licenses, Social Security numbers, and even banking information .
They said the leak not only involved company materials, but also contained details of issues with the software itself.
Representatives of the Apache Software Foundation have expressed doubts about the veracity of these claims. They do not possess any information that could be stolen by attackers, as the OpenOffice project is created and maintained exclusively by volunteers who are not employees of the foundation.
The project structure does not include paid positions, which means no personnel or accounting data is collected. Development is conducted publicly via open mailing lists, and all inquiries and discussions are freely accessible.
It was also emphasized that no ransom demand was made to the foundation and that no signs of compromise of the project’s infrastructure were detected. Representatives of the organization clarified that , at the time of the investigation, no contact had been established with law enforcement or third-party security specialists, as there were no grounds for doing so.
Despite the hackers’ claims, the Akira group has yet to release any evidence to support their claims. As of early November, no material allegedly obtained from the attack had been made public.
Follow us on Google News to receive daily updates on cybersecurity. Contact us if you would like to report news, insights or content for publication.
