Ransomware Group Nova Claims Attack on KPMG Netherlands
The ransomware group Nova has publicly named KPMG Netherlands as its latest alleged victim, posting the claim on a dark web leak site. The attack appears to target only the Dutch branch of the global consulting firm, though details about the breach including the type of data compromised and the timeline of the incident remain unclear.
Nova has given KPMG a 10-day ultimatum, threatening to publish stolen data if no ransom is paid. As of now, KPMG has not confirmed or denied the claim, nor has it provided updates on the status of its systems. The incident was first detected by the tracker ransomware.live on Friday.
Nova has gained notoriety for high-profile attacks, including a 2023 breach of Clinical Diagnostics, which exposed the personal data of over 850,000 individuals, primarily women in a cervical cancer screening program. The group later targeted FysioRoadmap in September, stealing records from more than 20,000 patients. Known for its "double extortion" tactic encrypting systems while also threatening to leak data Nova has successfully pressured victims into paying ransoms, though leaked data often surfaces regardless.
The validity of the KPMG claim remains unconfirmed, and the full scope of the potential breach is unknown. If the attack is legitimate and KPMG refuses to pay, Nova has indicated the stolen data will be released online within the 10-day window. Further details may emerge as the situation develops.
KPMG Nederland cybersecurity rating report: https://www.rankiteo.com/company/kpmg-nederland
"id": "KPM1769418239",
"linkid": "kpmg-nederland",
"type": "Ransomware",
"date": "6/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Professional Services',
'location': 'Netherlands',
'name': 'KPMG Netherlands',
'type': 'Consulting Firm'}],
'data_breach': {'data_encryption': 'Likely (ransomware tactic)',
'data_exfiltration': 'Threatened (double extortion)'},
'date_detected': '2023-11-10',
'date_publicly_disclosed': '2023-11-10',
'description': 'The ransomware group Nova has publicly named KPMG Netherlands '
'as its latest alleged victim, posting the claim on a dark web '
'leak site. The attack appears to target only the Dutch branch '
'of the global consulting firm. Nova has given KPMG a 10-day '
'ultimatum, threatening to publish stolen data if no ransom is '
'paid. As of now, KPMG has not confirmed or denied the claim, '
'nor has it provided updates on the status of its systems.',
'impact': {'brand_reputation_impact': 'Potential reputational damage',
'data_compromised': 'Unknown (threatened to be published)'},
'investigation_status': 'Ongoing',
'motivation': 'Financial gain (ransom)',
'ransomware': {'data_encryption': 'Likely',
'data_exfiltration': 'Threatened',
'ransomware_strain': 'Nova'},
'references': [{'date_accessed': '2023-11-10', 'source': 'ransomware.live'}],
'threat_actor': 'Nova',
'title': 'Ransomware Group Nova Claims Attack on KPMG Netherlands',
'type': 'Ransomware'}