Ransomware group nova hits Nordfjord Hotell
Nordfjord Hotell — a hospitality and tourism target operating in NO has been listed by the nova ransomware group on 2026-05-19. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | Nordfjord Hotell |
|---|---|
| Threat Group | nova |
| Summary | Nordfjord Hotell is a hotel located in the town of Nordfjordeid, which is the administrative centre of the Stad Municipality in the Nordfjord region of Norway. It is a popular choice for both business and leisure travellers. The hotel offers a range of modern amenities, including a full-service spa, an indoor pool, and conference facilities - Nova Provide tree and samples from stolen data to the company when its get in touch with support department. |
| Date of Breach | 2026-05-19 |
| Discovery Date | 2026-05-19 |
| Region | NO |
| Target Domain | nordfjord.no |
| Business Sector | Hospitality and Tourism |
| Severity | MEDIUM |
Claim by nova
Nordfjord Hotell is a hotel located in the town of Nordfjordeid, which is the administrative centre of the Stad Municipality in the Nordfjord region of Norway. It is a popular choice for both business and leisure travellers. The hotel offers a range of modern amenities, including a full-service spa, an indoor pool, and conference facilities - Nova Provide tree and samples from stolen data to the company when its get in touch with support department.
Posted by the nova threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Victim website
nordfjord.no
Leak post (onion / Tor)
http://novadmrkp4vbk2padk5t6pbxolndceuc7hrcq4mjaoyed6nxsqiuzyyd.onion/nordfjord-hotell
Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.