Ransomware victim disclosure
← All victimsNovabio
listed as Novabio (france laboratories) · Claimed by Nova · listed 7 months ago
Status timeline
- ListedDec 10, 2025
- Data leakeddate unknown
At a glance
- Group
- Nova
- Status
- Data leaked
- Country
- France
- Sector
- Healthcare
- Listed on leak site
- Dec 10, 2025
- Data size
- 500 GB
About the victim
AI dossier — public-source company profileNovabio is a French laboratory company operating in the healthcare sector. Based on the victim name referencing 'france laboratories,' it appears to be involved in medical or biological laboratory services in France. No public website content was available to confirm further operational details.
- Industry
- Healthcare & Medical Laboratories
Attack summary
Severity: critical — 500 GB of data published from a French healthcare laboratory strongly implies exposure of regulated medical and patient data (PII, health records), which falls under GDPR and healthcare data protection frameworks, constituting a critical breach.The ransomware group 'nova' claims to have exfiltrated 500 GB of data from Novabio, with the disclosure status listed as 'data_published,' indicating that the stolen data has been leaked following the company's non-response.
Data the group says was taken
AI dossier — extracted from the leak post- Laboratory data
- Patient records (potential)
- Company internal files
- Exfiltrated business data (500 GB)
What the group claims
Novabio is a medical biology laboratory that helps people across southwestern France get accurate health tests. Located in several regions including Dordogne and Gironde, the team runs complete medical examinations to support local communities' health needs. Their skilled professionals use modern equipment to deliver precise and reliable medical analysis for doctors and patients - the whole data of kalilab and france laboratories Data, Patients full informations, doctors informations, partners, finance, screening results, 500GB of data (millions of files) include PDFs, DOCs, XLSx, SQLs, SSH keys and lot more, network has encrypted, we are Ready to provide decryptor and delete full data, we will provide sample, reach us asap
The leak post
captured from the group's siteDesysweb is a comprehensive technology solutions integrator specializing in telecommunications and IT services, including managed services and a Security Operation Center. With over 200 clients and more than 13 years of experience, they offer personalized consulting, high-quality materials, and competitive pricing. The company is ISO 27001:2022 certified, ensuring robust information security and data protection. Desysweb operates nationally with a presence in eight provinces and is committed to delivering tailored projects and 24/7 customer support through a team of certified engineers. - Los sistemas de la empresa están encriptados con más de 60 mil archivos en múltiples servidores. Tienes tiempo de contactarte con nuestro departamento a través de los canales indicados en el archivo de recuperación que está dentro de los sistemas encriptados. Una vez que termine la cuenta regresiva, ya no será posible recuperar la información y tus datos se perderán. Estamos listos para desencriptar cada uno de los archivos. Contáctanos cuanto antes. Since the company didn't reach us, Data has been Leaked. Since the company didn't reach us, Data has been Leaked. CHARLES CONSEIL COORDINATION (3CCC)…
Sources
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

