Incransom, a threat actor, has potentially compromised NAFFCO, a leading firefighter and safety equipment manufacturer headquartered in Dubai, UAE, by claiming to have exfiltrated and threatened to release 1TB of sensitive internal data, including fiscal records, internal communications, and strategic plans. The targeted company appears unable to fully safeguard its own data, highlighting a significant cybersecurity lapse impacting the United Arab Emirates. #UnitedArabEmirates
Incident Details
- Victim: naffco.com
- Country: AE
- Actor: incransom
- Source: http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/691a8e0fe1a4e4b3ff2f5bb9
- Discovered: 2025-11-20 01:44:21.043689
- Published: 2025-11-19 01:00:00.000000
Information
- NAFFCO is an international manufacturer and supplier of firefighting, security, and safety products.
- The company offers training services and emergency responder certification.
- Headquartered in Dubai, United Arab Emirates, NAFFCO operates a global network spanning over 100 countries.
- It is recognized as a leader in fire safety worldwide.
- NAFFCOβs official website emphasizes their βpassion to protect.β
- Their protective capabilities for clients are uncertain, but they apparently could not protect themselves.
- Approximately 1TB of data was compromised, including fiscal data, internal emails, HR data, budgets, and strategic development plans.
Disclaimer: This post is based on public claims made by the ransomware group "incransom". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.