Ransomware Group: NOVA

VICTIM NAME: Epcatalogs Company

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the NOVA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a company identified as EPCATALOGS, which specializes in providing electronic spare part catalogs, workshop manuals, and diagnostic software predominantly for the automotive and heavy machinery sectors. The attack appears to have occurred on June 29, 2025, suggesting a recent breach. The leaked data was publicly disclosed on a dark web platform, making a range of potentially sensitive business information accessible, although specific PII has been redacted to maintain confidentiality. The victim’s geographic location is the United States, which may influence compliance and legal considerations in response efforts.

The leak includes links to the compromised data, with the claim URL hosted on an anonymized network, indicative of efforts to conceal the leak’s origin. Visual evidence of the breach, such as screenshots of internal documents or interfaces, is not provided in the available data. The breach’s scope could potentially involve confidential technical manuals and diagnostic tools, which might impact the company’s operations if exploited. Overall, this incident highlights the ongoing threat of cybersecurity attacks targeting specialized industrial information providers.