Data leak at Zurflüh-Feller
The Akira ransomware group listed French roller-shutter component manufacturer Zurflüh-Feller as a victim in early 2026, threatening to publish around 66 GB of stolen corporate data, including employee identity documents, financials, contracts and NDAs.
- Victim
- Zurflüh-Feller
On 13 January 2026, Zurflüh-Feller — a French manufacturer of roller-shutter and exterior-closure components, family-owned since 1920 and based at Autechaux-Roide in the Doubs — was named as a victim by the Akira ransomware group. Akira published the company on its dark-web leak site and threatened to release roughly 66 GB of exfiltrated corporate data unless its extortion demands were met.
The incident is consistent with Akira's double-extortion model: the operators steal internal files before (or instead of) encrypting systems, then pressure the victim by publishing or threatening to publish the data. According to the group's own posting, the stolen archive includes a broad range of sensitive material rather than a simple customer list.
Data the attackers claimed to hold:
- Employee identity documents (passports and ID cards)
- Detailed financial records
- Confidential internal files
- Contracts and commercial agreements
- Non-disclosure agreements (NDAs)
As of the latest available reporting the situation was unresolved: the data was threatened but the full leak had not been confirmed as published, and Zurflüh-Feller had not issued a detailed public statement. The exact number of individuals affected was not disclosed; the "66 GB" figure refers to the volume of data the attackers claimed to have stolen, not a count of records.
Sources
- ransomware.livehttps://www.ransomware.live/id/WnVyZmzDvGgtRmVsbGVyQGFraXJh
- hookphish.comhttps://www.hookphish.com/blog/tag/zurfluh-feller/