Ransomware victim disclosure
← All victimsNocciole Marchisio
Claimed by Meow · listed 2 years ago
Status timeline
- ListedSep 7, 2024
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileNocciole Marchisio is a fourth-generation Italian family company specializing in the cultivation, processing, and marketing of hazelnuts (especially Piedmont IGP), almonds, and pistachios. Based in Cortemilia, Piedmont, they process over 6,000 tonnes of product annually and serve 300+ customers across 20+ countries, with certifications including Bio IGP, IFS, BRC, and Rainforest Alliance.
- Industry
- Food Processing & Agriculture — Hazelnuts, Almonds & Pistachios
- Address
- Viale Guglielmo Marconi, 38, 12074 Cortemilia CN, Italy
Attack summary
Severity: medium — Data has been published by the threat actor, indicating successful exfiltration. However, the leak post provides no specific inventory of sensitive data (PII, financial, trade secrets) or operational impact. The company processes food products for B2B customers; exposure of customer lists or operational records is moderately sensitive but not critical without evidence of regulated/personal data at scale.The Meow group claims to have compromised Nocciole Marchisio and published exfiltrated data. The group's post describes the company but does not explicitly detail the scope of encrypted files, exfiltrated records, or specific data categories at stake.
Data the group says was taken
AI dossier — extracted from the leak post- business records
- customer information
- operational data
What the group claims
Nocciole Marchisio is an Italian company renowned for its premium hazelnut products. Located in Piedmont, a region famed for its high-quality hazelnuts, the company specializes in cultivating, processing, and marketing hazelnuts and related products. Their offerings include whole hazelnuts, hazelnut flour, and gourmet items like spreads. Nocciole Marchisio is committed to quality, sustainability, and traditional methods.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

