Trevi S.p.A. Hit by Nova Ransomware
Italian engineering and construction company Trevi (trevi.it) was claimed by the Nova ransomware group. Discovery reported on Ransomware.live and Breachsense around June 9-10. The group claims to have exfiltrated data.
- unknown
Trevi S.p.A., the Italian engineering and construction company behind trevi.it, has been hit by the Nova ransomware group, which claims to have stolen internal data and is threatening to publish it.
Public reporting from BreachSense and Ransomware.live first surfaced the incident around June 9-10, 2026. The Nova group added Trevi to its leak site and stated that it had successfully exfiltrated files from the company’s systems. At this time, the exact number of people affected remains unknown, and the precise categories of data involved have not been confirmed by either the company or the threat actors. Industry research from sources such as DoxxScan™ continuous monitoring indicates that construction and engineering firms frequently store employee records, client contracts, financial details, and contact information that can be valuable in follow-on attacks.
Want the rest of this breakdown?
Sign up free to keep reading. Members get extended access, the weekly breach digest, and a complimentary Warden™ to see if their identity is exposed in the breaches we cover.
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →