Ransomware: anubis claims D&M Contractors — Construction

On June 5, 2026, a ransomware group known as Anubis claimed responsibility for a cyberattack against D&M Contractors, a construction sector firm. The incident was published on the ransomware.live leak site, indicating that sensitive data may have been exfiltrated and threatened with public release. This event falls under the BREACH framework, which typically signals a confirmed data compromise with potential regulatory notification obligations.

The primary affected organization is D&M Contractors, but the broader construction sector should take note. Construction firms often handle sensitive client data, project plans, and financial records, making them attractive targets. Any company in this sector that relies on subcontractors or digital project management tools may face similar risks, especially if they lack robust cybersecurity measures.

Compliance teams should immediately verify whether their organization has any data-sharing or subcontracting relationships with D&M Contractors. If so, assess potential exposure and initiate incident response protocols. More broadly, review ransomware readiness: ensure offline backups are current, test incident response plans, and confirm that data breach notification procedures align with EU GDPR and local breach reporting timelines. Proactive threat intelligence monitoring for Anubis-related indicators is also advised.