Ransomware victim disclosure
← All victimsThe Noble Group
listed as nobleweb.com · Claimed by Ransomblog_Noname · listed 2 years ago
Status timeline
- ListedJan 16, 2024
- Data leakeddate unknown
At a glance
- Group
- Ransomblog_Noname
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Jan 16, 2024
- Data size
- 260 GB
About the victim
AI dossier — public-source company profileThe Noble Group is a real estate and private lending firm founded in 1992, based in Lancaster, Pennsylvania. They specialize in mortgage loan acquisitions, private lending, real estate purchasing and renovation, and secondary market note purchasing primarily in the Mid-Atlantic region of the United States.
- Industry
- Real Estate & Private Lending
- Address
- 1817 Olde Homestead Lane, Suite 101, Lancaster, PA 17601, United States
- Founded
- 1992
Attack summary
Severity: critical — Confirmed exfiltration of large-scale PII (260 GB) including social security numbers, financial records, and personal identifying information of employees — regulated sensitive data at significant scale.The ransomware group claims to have exfiltrated 260 GB of data including employee personal information (social security numbers, residential addresses, dates of birth, salary information), tax records, contracts, and confidential budget documents.
Data the group says was taken
AI dossier — extracted from the leak post- Employee social security numbers
- Residential addresses
- Dates of birth
- Salary information
- Tax records
- Contracts
- Budget documents
What the group claims
M Since 1992, The Noble Group has built a dedicated team of professionals all working together to revitalize neighborhoods, provide new homes for families and build a better future for our investors. 260GB lists with ssn numbers, residential addresses, date of birth, salary and tax information, contracts, and other confidential forms for employees budget, cash […]
Sources
- Victim sitenobleweb.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

