INC Ransom has claimed responsibility for a large-scale cyberattack on NAFFCO — one of the world’s biggest fire-safety system manufacturers serving Burj Khalifa, Louvre Abu Dhabi, and the Oman Convention Centre. The gang says it stole more than 1 TB of internal corporate data.

The INC ransomware group published NAFFCO on its dark-web leak site, alleging the theft of 1 terabyte of sensitive information. The attackers released 47 screenshots showing internal documents, employee data, ID photos, client lists, contracts, and financial records.

Аnalysis indicates that the leaked materials include yearly agreements with government agencies, oil and gas companies, and international partners. If confirmed authentic, the leak could pose major risks, including identity theft, corporate espionage, and reputational damage.

NAFFCO has not yet issued an official statement regarding the incident.

NAFFCO is one of the global leaders in fire-protection engineering, generating $4.4 billion in annual revenue and supplying critical safety systems to emergency services, government agencies, and major energy corporations.

INC Ransom emerged in 2023 and has since claimed over 450 victims. The group uses a multi-extortion model — stealing data, threatening leaks, and encrypting systems. Its previous targets include municipalities, healthcare institutions, defense contractors, media organizations, and private corporations.

If verified, the breach of NAFFCO may become one of the most significant cybersecurity incidents of the year, given the strategic importance of the facilities protected by its fire-safety solutions. While experts continue analyzing the leak, the potential impact on global safety infrastructure remains a key concern.