HAFA, a Swedish firm, is the target of a ransomware claim attributed to the threat actor thegentlemen, who asserts control over its systems. The claim describes encryption of data and potential exfiltration as leverage to extract payment, with the attack branded under HAFAβs name #Sweden
Incident Details
- Victim: Hafa
- Sector: Not Found
- Country: SE
- Actor: thegentlemen
- Source: http://tezwsse5czllksjb7cwp65rvnk4oobmzti2znn42i43bjdfd2prqqkad.onion
- Discovered: 2026-02-06 20:10:42.326406
- Published: 2026-02-06 18:40:13.000000
Information
- hafa.fr
- zoominfo.com/c/hafa/458792496
- Lubricants designed by experts to always go further
- Embodies the HAFA Pioneering Spirit
- Founded in 1953; continuously renewing to drive greater performance
- A single partner offering a range of lubricants to meet all needs
- Slogan: βFor me, itβs HAFAβ
- Product ranges cover all professional uses and simplify lubricant management
Disclaimer: This post is based on public claims made by the ransomware group "thegentlemen". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.