Nobani Co Listed by Deadlock Ransomware Group
Nobani & Co a professional financial services firm established in 1994. The company is headquartered in Amman, Jordan, and functions as an independent member of the Praxity international alliance of accounting and advisory firms.
On June 10, 2026, the Deadlock ransomware group added Nobani & Co to its public leak site, confirming that internal files had been exfiltrated from the Jordan-based financial services firm during a ransomware attack.
Confirmed Facts from Reporting
Public reporting indicates that Nobani & Co, founded in 1994 and headquartered in Amman, Jordan, is an independent member of the Praxity international alliance of accounting and advisory firms. The company provides professional financial services, which means client financial records, tax documents, correspondence, and internal operational data were likely among the stolen material. Ransomware.live, which tracks leak sites, published the listing on June 10, 2026. The exact volume of data and the specific types of files remain unclear from available reporting, but Deadlock typically posts samples as proof of successful exfiltration.
Why This Matters for You and Your Family
When a financial services firm like Nobani & Co suffers a breach, the information exposed often includes personal details of clients and their families. Tax records, bank account references, addresses, phone numbers, and email communications can appear in the hands of criminals. This puts you and your family at immediate risk of identity theft, fraudulent loan applications, and targeted phishing attacks that sound legitimate because the attackers already possess accurate financial context. Even if you are not a direct client, credential leaks from related systems frequently cascade into personal email and banking accounts that you do use.
The Doxxing and Identity-Chain Implications
Ransomware groups do not stop at posting data. They create doxxing chains by linking exposed email addresses, phone numbers, and company documents to personal social-media handles, family member names, and even children’s online gaming accounts. Once these connections are mapped, extortion demands can target entire households. A single leaked tax document can reveal home addresses, children’s names, and school details, turning a corporate breach into sustained personal harassment. Credential leaks like this one frequently lead to account takeovers on gaming platforms, where children’s usernames become entry points for further social engineering.
Deadlock Ransomware Group Track Record
Public reporting attributes the Deadlock ransomware group with emerging in late 2023. The group has targeted organizations across multiple sectors, including manufacturing, professional services, and healthcare. Its typical playbook involves initial access through phishing or exploited remote desktop protocols, followed by data exfiltration before encryption. Deadlock then uses double-extortion tactics: demanding payment to prevent file encryption and a second payment to stop publication of stolen data on its leak site. The group maintains an active leak portal where it posts victim names and sample documents when ransoms are not paid.
What to do
- Run a DoxxScan to map every link between your emails, phone numbers, handles, and real-world identity so you can see exactly what chains back to the Nobani & Co breach.
- Rotate any password you used at Nobani & Co or any related financial service, then enable 2FA through an authenticator app rather than SMS.
- Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next exposure of your information is caught within hours instead of months.
- Cover the household with DoxxScan family coverage that includes dependents and your children’s gaming accounts, which often become targets once credential leaks cascade into doxxing chains.
- Let remediation specialists handle takedown requests across data brokers and leak sites while you focus on securing your own accounts.
The Nobani & Co incident shows that financial data breaches continue to expose ordinary families to long-term risks that do not disappear when the news cycle moves on. Starting with a clear picture of your current exposure and maintaining ongoing vigilance remains the most practical defense. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4B+ breach records and 100+ platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage that includes children’s gaming accounts. Source: https://www.ransomware.live/id/Tm9iYW5pIENvQERlYWRsb2Nr
Related breaches
azarestan.com Listed by apt73 Ransomware Group
azarestan.com (Azarestan Business Development Group) is a holding company based in Iran. Azaresta...…
Kevin Bao Lenguyen Listed by play Ransomware Group
United States…
Forces Listed by medusalocker Ransomware Group
Organization with 28 emails extracted. Domain: ***.gc.ca…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →