Akira Ransomware Targets Apache OpenOffice
The Akira Ransomware group has claimed responsibility for stealing sensitive data from the servers of Apache OpenOffice, the open-source office suite managed by the Apache Software Foundation and comparable to Microsoft Office.
According to the group, approximately 23GB of data was exfiltrated, including employee information such as phone numbers, contact addresses, driver’s licenses, Social Security numbers, financial records, R&D materials, and credit card details.
In response, Apache OpenOffice has notified law enforcement and engaged cybersecurity experts to assist in mitigating the breach and countering the gang’s double extortion tactics—where attackers both encrypt and threaten to leak stolen data.
Conduent Confirms Breach Impacting 10.5 Million Individuals
Conduent, a U.S.-based business process outsourcing (BPO) company, has confirmed that a 2024 cyberattack may have exposed personal data belonging to over 10.5 million customers.
In a statement, the company disclosed that compromised data may include names, Social Security numbers, dates of birth, health insurance details, and medical histories. The breach was first discovered in January 2025, with a full investigation concluding in September 2025. Analysts have attributed the attack to the Safepay ransomware group.
Conduent has notified the U.S. Attorney General’s Office and plans to inform affected individuals before the end of the year. The company is reportedly preparing to offer free credit monitoring and fraud alert services to victims for a full year.
Clearview AI Faces Criminal Charges in Austria Over Facial Recognition Data
Clearview AI, a U.S.-based facial recognition company, is facing criminal charges in Austria for allegedly collecting facial recognition data and other personal information from online users without consent.
The case, filed on October 28, 2025, by European privacy organization NOYB (None of Your Business), accuses Clearview of violating EU privacy laws by scraping and storing European users’ data on U.S. servers.
Clearview AI, which claims to have amassed over 60 billion facial images from social media sites, news outlets, and criminal databases, argues that it does not operate within the European Union and is therefore not subject to the General Data Protection Regulation (GDPR).
However, Austrian authorities contend that because the company processes data belonging to EU residents, it must comply with GDPR. As a result, Clearview AI could face severe penalties, including hefty fines and potential jail terms for executives.
Join our LinkedIn group Information Security Community!
