Ransomware victim disclosure
← All victimsNexon Asia Pacific
Claimed by Nokoyawa · listed 4 years ago
Status timeline
- ListedDec 9, 2022
- Data leakeddate unknown
At a glance
- Group
- Nokoyawa
- Status
- Data leaked
- Country
- Australia
- Sector
- Technology
- Listed on leak site
- Dec 9, 2022
About the victim
AI dossier — public-source company profileNexon Asia Pacific is an end-to-end managed IT services provider headquartered in Sydney, New South Wales, Australia. The company offers a broad range of services including cloud computing, secure networking, unified communications, managed security, business solutions, and digital workspace solutions. As a managed service provider, Nexon serves business clients across the Asia Pacific region.
- Industry
- Managed IT Services & Cloud Solutions
- Address
- Sydney, New South Wales, Australia
Attack summary
Severity: critical — Nexon Asia Pacific is a managed IT services provider whose client base likely includes numerous businesses with sensitive data; data_published status confirms exfiltration and public release of data, which may expose client PII, network configurations, security credentials, and business-critical information at scale across multiple downstream organisations.The Nokoyawa ransomware group claims to have exfiltrated data from Nexon Asia Pacific and has published a Mega.nz download link, indicating the stolen data has been made publicly available. No ransom amount or data volume was specified in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Exfiltrated company data (published via Mega.nz)
What the group claims
Nexon is headquartered in Sydney, New South Wales. Nexon Asia Pacific is an end-to-end managed IT provider with services ranging from cloud, secure networks, unified communications, managed security, business solutions and digital workspace solutions.Download data: https://mega.nz/folder/Fbkx3TLA#7EO2Vib3l_TM9dVXSIwzIw
Source
Indexed 4 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

