Scams & Phishing News Evian, Silk, International Delight maker Danone hit by Qilin ransomware gang

Brownie2019

Level 23
Thread author
Verified
Well-known
Forum Veteran
Mar 9, 2019
1,063
5,665
2,168
Germany
Hackers claim they stole financial records, customer data, and thousands of internal company files.
Key takeaways:
  • Qilin claimed a ransomware attack on Danone, saying it stole 221 GB of internal company files.
  • The alleged leaked data includes financial reports, customer records, confidentiality agreements, and sales documents from 2023 to 2025.
  • Danone sells major brands including Evian, Activia, Silk, and International Delight across more than 120 countries.
  • The claim highlights Qilin’s growing threat after it listed over 1,000 victims in 2025 and 700 more by mid-2026.
Danone – producer of Evian water, the popular International Delight creamer brand, and Silk almond milk – has been claimed by the Qilin hacker gang in the latest ransomware attack targeting one of the world’s largest food and beverage companies.

The notorious ransomware group listed Danone on its dark web leak site earlier this week, claiming to have stolen 221 GB of files from the conglomerate’s internal servers.
Danone's 15-brand portfolio includes its flagship Danone yogurt brand, along with household names such as:
  • Evian
  • Activia
  • International Delight
  • Silk
  • Volvic
  • AQUA
  • Actimel
What data was stolen?
Read more:
 
What was allegedly stolen?

According to Qilin’s claim, the data allegedly taken from Danone included:

  • Financial reports and other financial documents
  • Customer records
  • Confidentiality agreements
  • Sales-related documents
  • Internal company files reportedly covering 2023–2025

The ransomware group claimed the total volume was approximately 221 GB. However, this is an unverified attacker claim; it does not by itself confirm that Danone’s systems were breached, that the stated volume is accurate, or that all listed data is genuine.

Danone’s official security or regulatory notifications would be the more reliable source for determining whether personal information was involved and which customers, employees, or business partners may be affected. Anyone potentially impacted should rely on Danone’s official communications rather than downloading or circulating alleged leaked files, which may contain personal data or malware.