The Gruppe Lehnen in Germany has been targeted by the threat actor nova, who has stolen 350 GB of sensitive documents and is demanding communication via a readme file. The attack underscores the vulnerability of this longstanding family business in the construction sector. #Germany
Incident Details
- Victim: Gruppe Lehnen
- Country: DE
- Actor: nova
- Source: http://pifk3xu3vad6cuxsjll4qjomyaaaoyvnyqppro75pazadzctrrvpdnyd.onion/#
- Discovered: 2025-10-20 11:40:11.556278
- Published: 2025-10-20 11:39:18.534240
Information
- The Gruppe Lehnen, a family-owned business with over 90 years of experience in underground and road construction, is based in Sehlem, Germany.
- With more than 270 qualified employees, they are a reliable and competent partner in construction services.
- The company emphasizes its modern and high-performance capabilities, backed by decades of expertise.
- The organizationβs team is highly motivated and currently seeking support, inviting interested candidates to apply for open positions.
- Potential applicants are encouraged to click on current job offers for more information and to submit their applications in writing.
- The Downloadcenter provides the latest and most important documents, including price lists, qualification confirmations, brochures, tax certificates, and more.
- Approximately 350 GB of documents have been stolen by the Nova actor involved in the ransomware attack.
Disclaimer: This post is based on public claims made by the ransomware group "nova". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.