03.03.2026
2 min
294
Dutch paint and coatings manufacturer AkzoNobel has confirmed a cyberattack targeting one of its U.S. facilities. While the company says the incident has been contained, the Anubis ransomware group claims it stole approximately 170GB of data and nearly 170,000 files, some of which have already been leaked.
The incident came to light after the Anubis ransomware gang published AkzoNobel on its leak site, claiming responsibility for the breach. According to a company spokesperson, the attack was limited to a single U.S. location and has since been contained.
“AkzoNobel detected a security incident at one of our locations in the United States. The incident was contained to the relevant site and has already been localized.”
Despite this statement, the attackers claim they exfiltrated a significant amount of sensitive data. According to the group, the stolen archive includes around 170GB of data and nearly 170,000 files.
Samples published by the attackers allegedly contain confidential agreements with major clients, email addresses, phone numbers, internal communications, technical documentation, material testing records, and even passport scans. AkzoNobel is one of the world’s largest paint and coatings manufacturers, employing approximately 35,000 people and generating more than $12 billion in annual revenue. Its portfolio includes well-known brands such as Dulux, Sikkens, International, and Interpon, with operations spanning over 150 countries.
The Anubis ransomware group, first observed in late 2024, operates under a Ransomware-as-a-Service (RaaS) model, offering affiliates up to 80% of ransom payments. In 2025, the operators also introduced a data wiper designed to permanently destroy victim files and increase pressure during extortion attempts. The AkzoNobel breach highlights how large multinational corporations remain prime targets for ransomware groups. Even when attacks are quickly contained, data exfiltration can lead to serious consequences for corporate security, business partners, and customer trust.
