Hackers claim they stole financial records, customer data, and thousands of internal company files.
Key takeaways:
- Qilin claimed a ransomware attack on Danone, saying it stole 221 GB of internal company files.
- The alleged leaked data includes financial reports, customer records, confidentiality agreements, and sales documents from 2023 to 2025.
- Danone sells major brands including Evian, Activia, Silk, and International Delight across more than 120 countries.
- The claim highlights Qilin’s growing threat after it listed over 1,000 victims in 2025 and 700 more by mid-2026.
Danone – producer of Evian water, the popular International Delight creamer brand, and Silk almond milk – has been claimed by the Qilin hacker gang in the latest ransomware attack targeting one of the world’s largest food and beverage companies.
The notorious ransomware group listed Danone on its dark web leak site earlier this week, claiming to have stolen 221 GB of files from the conglomerate’s internal servers.
Danone's 15-brand portfolio includes its flagship Danone yogurt brand, along with household names such as:
- Evian
- Activia
- International Delight
- Silk
- Volvic
- AQUA
- Actimel
What data was stolen?