Ransomware victim disclosure
← All victimsUniversity of Gävle
Claimed by Nova · listed 8 months ago
Status timeline
- ListedNov 15, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileUniversity of Gävle (Högskolan i Gävle) is a Swedish university college located in Gävle, Sweden, established in 1977. It is organised into three academies and nine departments, offering approximately 45 master's and bachelor's degree programmes and 800 courses spanning technology, social and natural sciences, and the humanities. The university conducts interdisciplinary research across four strategic areas including sustainable urban development, health-promoting work, innovative learning, and intelligent industry.
- Industry
- Higher Education
- Address
- Kungsbäcksvägen 47, 801 76 Gävle, Sweden
- Employees
- 501-1000
- Founded
- 1977
Attack summary
Severity: high — A university holds substantial volumes of regulated personal data including student PII, staff records, and potentially research data. The group claims confirmed exfiltration of 10 GB and states the data has been published, constituting a significant data breach affecting an educational institution with thousands of students and staff.The Nova ransomware group claims to have exfiltrated 10 GB of data from University of Gävle and subsequently published the data after the institution did not engage with them. No specific details about the categories of exfiltrated data are provided in the post beyond the data size.
Data the group says was taken
AI dossier — extracted from the leak post- University data (unspecified, 10 GB)
What the group claims
University of Gävle is a university college located in Gävle, Sweden. The university was established in 1977 and is currently organized into three academies and nine departments. The university offers around 45 masters- and bachelor's degrees and 800 courses in technology, social- and natural sciences and the humanities. ZoomInfo: https://www.zoominfo.com/c/ga%CC%88vle/1142576926 / Domain: https://www.hig.se/
The leak post
captured from the group's siteSince the company didn't reach us, Data has been Leaked. Since the company didn't reach us, Data has been Leaked. CHARLES CONSEIL COORDINATION (3CCC) is a French project management and construction economics company, specializing in project coordination and oversight. International Business Solution de México Company refused to deal after they request us to unlist their company from BLOG, Data Leaked. Pemkab Bojonegoro is the official government portal of Bojonegoro Regency in East Java, Indonesia, providing various public services and information. The portal features services such as Smart City initiatives, public transparency, and online government services aimed at enhancing community engagement. It serves a diverse clientele, including local residents, businesses, and tourists seeking information about the region governance and attractions. Additionally, the portal promotes local tourism and cultural heritage through various educational and recreational activities. mkfoam.pl is the official website of M&K Foam Koło, a Polish manufacturer that specializes in sleep products like mattresses and beds. Electrical Resource International specializes in manufacturing a wide range of el…
Screenshot of the leak post

Sources
Source
Indexed 8 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

