Ransomware victim disclosure
← All victimsFTL International N.V.
listed as FTL-Fast Transit Line · Claimed by Nova · listed 10 days ago
Status timeline
- ListedJun 23, 2026
- Data leakeddate unknown
At a glance
- Group
- Nova
- Status
- Data leaked
- Sector
- Transportation/Logistics
- Listed on leak site
- Jun 23, 2026
About the victim
AI dossier — public-source company profileFTL International N.V. is a shipping and freight forwarding company with over 25 years of experience, specializing in consolidation, forwarding, and groupage services. They operate across major Northern European ports with an additional office in Colombo, Sri Lanka, offering port-to-port, door-to-door, and air freight logistics solutions.
- Industry
- Freight Forwarding & Logistics
Attack summary
Severity: high — Confirmed exfiltration of customer PII (names, phone numbers) at scale, along with business-sensitive sales and invoice data. Customer contact information represents significant exposure risk.Nova claims to have exfiltrated sales data, invoices, and customer full names and phone numbers from FTL International. The group states they provided samples of the stolen data to the company.
Data the group says was taken
AI dossier — extracted from the leak post- sales data
- invoices
- customer names
- customer phone numbers
What the group claims
FTL International N.V. specializes in shipping, consolidation, forwarding, and groupage services, with a strong presence in major Northern European ports and an office in Colombo, Sri Lanka. With over 25 years of experience, they offer cost-effective port-to-port and door-to-door logistics solutions, including air freight and cargo insurance. Their services cater to a wide range of clients looking for reliable shipping options across the globe. FTL is committed to exceptional personalized attention and efficient shipment handling, embodying their motto 'Experience the Difference - Data included sales data, invoices and costumers full names and phones etc; Nova Provide tree and samples from stolen data to the company when its get in touch with support department.
Sources
Source
Indexed 10 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

