The Nefilim ransomware operation has begun to publish unencrypted files stolen from a Dussmann Group subsidiary during a recent attack.

The Dussmann Group is the largest multi-service provider in Germany with subsidiaries focusing on facility management, corporate childcare, nursing and care for the elderly, and business systems solutions, including HVAC, electrical work, and elevators.

The company has confirmed to BleepingComputer that one of their subsidiaries, Dresdner Kühlanlagenbau GmbH (DKA), recently suffered a ransomware attack where data was stolen.

Nefilim publishes DKA’s stolen data

During the DKA attack, the Nefilim operators claim to have stolen unencrypted files before deploying the ransomware.