Ransomware: nova claims Hosab — Business Services

On 20 June 2026, the ransomware group known as Nova published a claim on the ransomware.live leak site, stating it had breached Hosab, a business services firm. This incident falls under the BREACH framework, which is used to track and categorise ransomware events. The publication confirms that Hosab is now a confirmed victim, with data likely exfiltrated and potentially leaked unless a ransom is paid.

The primary affected entity is Hosab and its clients within the business services sector. However, given the interconnected nature of business services, any organisation that shares data with Hosab or relies on its services may also face downstream risks, including data exposure, operational disruption, and regulatory scrutiny under GDPR or other data protection laws.

Compliance teams should immediately verify whether their organisation has any data-sharing or service agreements with Hosab. If so, they must assess potential data exposure and prepare breach notification procedures. Additionally, teams should review their own ransomware preparedness, including backup integrity, incident response plans, and employee training, to mitigate similar threats. Monitoring the ransomware.live site for further updates is also advisable.