A significant accounting agency within the Netherlands has reportedly develop into the newest sufferer of Nova, an energetic ransomware operation.
The breach was found and listed by ransomware dwell on January 23, 2026, with the estimated assault date coinciding with the invention date.
The attackers declare to have exfiltrated delicate knowledge and have issued a 10-day ultimatum for contact and ransom negotiation.
Incident Overview
KPMG, one of many world’s main skilled providers companies, supplies complete audit, tax, and advisory providers to main world organizations.
The agency’s Netherlands division handles delicate shopper knowledge spanning monetary providers, compliance, and enterprise operations.
This focusing on aligns with Nova’s established sample of pursuing high-profile companies within the skilled providers and monetary sectors. Nova has emerged as a big menace actor within the ransomware panorama.
In response to menace intelligence knowledge, the group operates a number of command-and-control (C2) infrastructure parts on the Tor community.
Evaluation of publicly accessible indicators reveals Nova maintains a distributed leak infrastructure throughout a number of onion domains.
The group operates utilizing uvicorn-based servers, indicating a standardized backend deployment.
Community defenders ought to block recognized onion infrastructure and monitor for lateral motion patterns per ransomware deployment.
Speedy incident response protocols must be activated if any Nova-related artifacts are detected in community logs. KPMG has not issued public affirmation of the breach presently.
Purchasers and stakeholders are suggested to observe official communications for detailed impression evaluation and remediation timelines.
Comply with us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to function your tales.
