Noega and Esnova Listed by Deadlock Ransomware Group
Esnova (Esnova Racks S.A.) is a leading Spanish manufacturer specializing in industrial shelving and warehouse storage systems. Based in Gijón, Asturias, the company designs, manufactures, and installs solutions for logistics and warehouse management across more than 35 countries. Noega Systems is a specialized industrial company that designs, manufactures, and installs metal racking and storage solutions. Founded in 2010 and headquartered in Gijón, Spain, the firm provides end-to-end intralogistics services, including technical inspections (ITE) and automated warehouse planning. Over 130 giga
On July 10, 2026, the Deadlock Ransomware Group added both Esnova Racks S.A. and Noega Systems to its public leak site, confirming that internal files had been exfiltrated from the two Spanish industrial companies.
Confirmed Facts from Reporting
Public reporting indicates the two firms, both based in Gijón, Asturias, specialize in designing, manufacturing, and installing industrial shelving, metal racking, and automated warehouse systems. Esnova operates across more than 35 countries while Noega, founded in 2010, also provides technical inspections and intralogistics planning. The listing on the Deadlock leak site states that internal files were stolen during a ransomware attack, though the exact number of affected individuals remains unknown. Available reporting describes the exposed material as internal company documents rather than customer databases, yet such files frequently contain employee records, supplier contracts, and correspondence that can reveal personal contact details.
Why This Matters for You and Your Family
When manufacturers like these suffer a breach, the ripple effects reach ordinary people. Employee names, email addresses, phone numbers, or even home addresses can appear in stolen spreadsheets. If you or a family member works at an industrial supplier, logistics firm, or warehouse operator, your information may now sit on a criminal leak site. Even if you have no direct connection, these leaks fuel broader identity theft because criminals sell or trade the data on underground forums. Credential leaks like this one often cascade into account takeovers that threaten personal email, banking, and social media accounts you rely on daily.
The Doxxing and Identity-Chain Implications
Stolen internal files rarely stop at one company. Attackers use exposed emails and phone numbers to map connections across dozens of other services. A work address listed in a supplier contract can link to your personal accounts, your children’s school records, or family social-media profiles. This creates an identity chain that turns a single breach into repeated harassment or targeted scams. Public reporting shows these chains frequently reach gaming platforms where children use the same email or username, allowing attackers to pivot from corporate data to personal doxxing.
Deadlock Ransomware Group’s Track Record
Public reporting attributes the Deadlock Ransomware Group with emerging in recent years as a double-extortion operation. The group typically gains initial access through phishing or exploited remote desktop protocols, exfiltrates sensitive files before encrypting systems, then posts samples on its leak site to pressure victims into payment. Notable prior victims include other mid-sized manufacturers and service companies, following a consistent playbook of data theft followed by public shaming when ransom demands go unmet. Exact details of their earlier attacks vary across reports, but the pattern of listing companies on dark-web sites with samples of stolen data remains consistent.
What to do
- Run a DoxxScan to map every link between your handles, emails, phone numbers, and real identity, with no-subscription cleanup handled by the service.
- Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next exposure of your information is caught in hours rather than months.
- Rotate any password used at Esnova or Noega anywhere it is reused, and switch on 2FA through an authenticator app instead of SMS.
- Cover the household with DoxxScan family coverage that extends to dependents and children’s gaming accounts that often chain back to the same addresses or emails.
- Let remediation specialists handle takedown requests across data brokers and leak sites for you while you focus on securing your own accounts.
The incident underscores that corporate breaches increasingly become personal ones, often with little warning. Taking measured steps now limits how far attackers can travel along the identity chains they build. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4 billion breach records and more than 100 platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage that includes children’s gaming accounts—making it an effective tool for protecting both corporate-exposed data and the personal accounts that frequently follow.
Related breaches
Gerusia S.L. Listed by Deadlock Ransomware Group
Gerusia S.L., a Spanish service company headquartered in Oviedo, Asturias. Founded in 1995 and manag…
Catcorp Listed by Deadlock Ransomware Group
Business direction: Mew mew…
Firesta Listed by Deadlock Ransomware Group
Firesta-Fišer, a.s. is a Czech construction company based in Brno, established in 1990, specializing…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →