Ransomware victim disclosure
← All victimsWILVO
listed as metalnet.nl · Claimed by Werewolves · listed 3 years ago
Status timeline
- ListedDec 20, 2023
- Data leakeddate unknown
At a glance
- Group
- Werewolves
- Status
- Data leaked
- Country
- Netherlands
- Sector
- Manufacturing
- Listed on leak site
- Dec 20, 2023
About the victim
AI dossier — public-source company profileWILVO is a Dutch high-tech manufacturer of precision mechanical parts, assemblies, and transportation solutions for demanding industries including semiconductor, medical, defense, and agricultural sectors. With production locations in the Netherlands and Germany, they provide integrated services from machining and sheet metal work to assembly and refurbishment.
- Industry
- Precision Metalworking & High-Tech Manufacturing
- Address
- Melkweg 1, 5571 SM Bergeijk, Netherlands (HQ); also Nijkerk location
- Employees
- 51-200
Attack summary
Severity: high — Confirmed data publication by ransomware group targeting a precision manufacturer serving critical sectors (semiconductor, medical, defense). Exfiltration of operational/customer data from a supply chain-critical company poses significant business and potential regulatory risk.The werewolves group claims to have compromised WILVO and exfiltrated data. The post indicates data has been published, though specific data categories are not detailed in the excerpt provided.
Data the group says was taken
AI dossier — extracted from the leak post- Business operations data
- Customer information
- Technical/engineering data
- Supply chain records
What the group claims
Metalnet is a high-level supplier of machining operations. With our divisions for high-precision precision components and cost-effective fine mechanical parts, we are able to produce customer-oriented solutions for the most diverse industrial sectors.
Sources
- Victim sitemetalnet.nl
- Leak posthttps://werewolves.pro/en/aek-mk.html
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

