Back to Blog
high severity July 10, 2026 · scope unconfirmed

New Tiles S.L. Listed by gunra Ransomware Group

⚠ Were you caught in this breach?
Check your email against 15.4B+ leaked records in 15 seconds — free, no signup.
Scan my email — free → Instant · no account

N/A

Severity High
Disclosed July 10, 2026
Affected Unconfirmed
Data exposed Internal files exfiltrated in ransomware attack

On July 10, 2026, Spanish company New Tiles S.L. appeared on the leak site of the gunra ransomware group. Public reporting indicates the attackers exfiltrated internal files during a ransomware incident and have now published them, potentially exposing employee and customer records to anyone who visits the site.

Confirmed Facts from Reporting

Available reporting describes the listing on the gunra leak portal, hosted and tracked by ransomware.live. The data set consists of internal files exfiltrated rather than a simple database dump. No exact victim count has been published, and the precise volume or sensitivity of the files remains unclear from public descriptions. The incident follows the typical ransomware pattern of initial encryption demands followed by public shaming when payment is not made.

July 10, 2026 marks the date the group added New Tiles S.L. to its leak site. The company, based in Spain, appears to have been breached through standard initial-access methods commonly used by this group.

Why This Matters for You and Your Family

When a company that holds personal information suffers a breach, your data can end up in the hands of criminals who specialize in turning stolen files into cash. If you have ever done business with a tile, construction, or home-renovation firm, or if your employer shares records with vendors like New Tiles S.L., your name, address, contact details, or payment information may now be circulating.

These leaks rarely stay isolated. One exposed email or phone number becomes the starting point for phishing, account takeovers, and eventual doxxing that can reach every member of your household.

The Doxxing and Identity-Chain Risk

Ransomware groups do not simply sell raw files. They often package employee spreadsheets, customer lists, and internal directories that link names to addresses, phone numbers, email accounts, and sometimes even children’s school or activity records. Once these links are public, opportunistic criminals can chain the information across social media, gaming platforms, and data-broker sites to build complete profiles.

Credential leaks like this one cascade into account takeovers on personal email, banking, and gaming services. A child’s gaming username tied to a family address in the stolen files can quickly become the entry point for harassment or further extortion.

Gunra Group’s Known Track Record

Public reporting attributes the gunra ransomware group with activity that emerged in late 2024. The group has targeted organizations across Europe and North America, listing victims in sectors ranging from manufacturing to professional services. Its typical playbook involves gaining initial network access, encrypting systems, exfiltrating sensitive files, and then pressuring victims with a public countdown on its leak site. If ransom is not paid, the group releases the data in batches or in full.

What to do

  • Run a DoxxScan to map every link between your emails, phone numbers, usernames, and real-world identity so you can see exactly what the New Tiles S.L. files may have exposed.
  • Rotate any password you used at New Tiles S.L. or any related vendor account, then enable 2FA through an authenticator app instead of SMS.
  • Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next leak that touches your family is caught and acted on within hours rather than months.
  • Cover the household with DoxxScan family protection that includes dependents and children’s gaming accounts, which frequently become targets when address or parent-name data surfaces in corporate leaks.
  • Let remediation specialists handle the follow-up work of submitting takedown requests to data brokers and monitoring forums where the stolen New Tiles files may be resold.

The speed with which ransomware data moves from leak site to criminal marketplaces means waiting is no longer a viable strategy. Starting proactive steps now can limit how far this breach reaches into your life. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4B+ breach records and 100+ platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage that explicitly protects children’s gaming accounts from the kind of cascading takeovers this incident can trigger.

Share this Post on X Reddit Email
Why this isn’t just another breach checker

A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.

Free checker Tells you the breach happened. End of story. You’re still on 800+ broker sites.
$129+/yr Broker-removal services scrub the address but don’t see the breach — next leak re-exposes you.
GalaxyWarden Maps the chain. Cleans both halves. $19 one-shot. Closed loop.

⚠ Were you in this breach?

Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.

Check my email — free →
Close the chain attack

Both halves of the chain, cleaned once.

A breach put your credentials in 15.4B+ leaked records. Hackers chain that data to your address on 800+ broker sites. GalaxyWarden closes both halves for $19 once — no subscription required.

Clean both halves — $19 →
Free breach scan + 800+ broker letters + 30-day proof · one payment, no subscription
W Warden Plus — ongoing monitoring $9.99/mo
Warden Plus ($9.99/mo or $99/yr): weekly re-scans, breach alerts, AI Concierge, auto re-files on relisted brokers.