All ransomware incidents
Ransomware group thegentlemen hits Tooltec
Tooltec — a manufacturing target operating in SE has been listed by the thegentlemen ransomware group on 2026-07-16. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | Tooltec |
|---|---|
| Threat Group | thegentlemen |
| Summary | ***.se zoominfo.com/c/tooltec-ab/371817746 advanced manufacturing company based in Trollhättan, Sweden, specializing in the precision machining of complex components. The company utilizes technologies like 5-axis milling, turning, and Wire EDM to produce high-quality parts for the automotive, energy, aeronautical, and aerospace industries. As an ISO 9001 certified supplier, Tooltec is recognized for its strict quality standards, delivery reliability, and commitment to long-term partnerships with both clients and employees |
| Date of Breach | 2026-07-16 |
| Discovery Date | 2026-07-16 |
| Region | SE |
| Target Domain | tooltec.se |
| Business Sector | Manufacturing |
| Severity | MEDIUM |
Claim by thegentlemen
***.se zoominfo.com/c/tooltec-ab/371817746 advanced manufacturing company based in Trollhättan, Sweden, specializing in the precision machining of complex components. The company utilizes technologies like 5-axis milling, turning, and Wire EDM to produce high-quality parts for the automotive, energy, aeronautical, and aerospace industries. As an ISO 9001 certified supplier, Tooltec is recognized for its strict quality standards, delivery reliability, and commitment to long-term partnerships with both clients and employees
Posted by the thegentlemen threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.

