Home All Victims NXIT and Franco Vago S.p.a. and Traconf Srl

NXIT and Franco Vago S.p.a. and Traconf Srl

Deadlock

This record tracks a ransomware attack claimed by the Deadlock group against NXIT and Franco Vago S.p.a. and Traconf Srl. It collects the publicly disclosed attack details — sector, location and timeline — as published on the operator's leak site and indexed by Breach House.

Window Zero

EXPOSURE GAP

Window Zero is the time the breach stayed in the open before anyone said so — the gap between when the attack was first discovered on the operator's leak site (t1) and when it was publicly disclosed (t2). The wider this window, the longer victims, staff and customers were exposed with no warning.

-70days
t1 · Published t2 · Disclosed
Jul 10, 2026May 01, 2026
Country
Italy
Business Category
Transportation / Travel / Logistics
Employees
+1000
Discovered
2026-07-10
Published
July 10, 2026
Disclosed / Notified
May 01, 2026
Victim ID
8028WKaTyzXf

Attack Summary

The leaked files will be available for download on May 15, 2026. Nippon Express Italia SpA (NXIT) is the Italian division of the global NX Group (formerly Nippon Express). It was established on January 1, 2020, following a major merger involving several high-profile Italian logistics companies, including Franco Vago and Traconf . Recorded a consolidated turnover of almost EUR 1 billion in 2022. Core Services: The company specializes in integrated logistics and global freight forwarding, with a particularly strong reputation in the Fashion & Luxury sector. Traconf Srl a major Italian logistics firm specializing in fashion and luxury goods. Portuguese branch of Franco Vago , which, much like Traconf, is now a key part of the Nippon Express Italia SpA (NX Group) network. In Portugal, the company operates as a specialized freight forwarder with a strong focus on the textile, footwear, and luxury sectors—leveraging the historical expertise of the Franco Vago brand. Over 220 gigabytes of sensitive internal data were stolen from this company

Leak Screenshots

SAMPLE

Proof-of-breach screenshots the operator posted from the stolen data. Previews are redacted and locked — the originals are available on HaveIBeenRansom.

file_tree.png
finance_2024.xlsx
passport_scan.jpg
contract_signed.pdf
Sign in or explore HaveIBeenRansom to view the full leak gallery.
View leak gallery →

Dark Web Exposure

Findings for nipponexpressitalia.com — indexed by HaveIBeenRansom.
0
found in Infostealer logs
0
found in Traditional breaches
2
found in Ransomware leaks
Automha
medusa · ransomware
••• emails
Leak volumes are locked
Sign in to reveal how many records each source exposed.
Want the complete picture — passwords, machines, full leak files? It's all searchable on HaveIBeenRansom.
Search this victim →
Visit Website Original Post View Group: Deadlock
Legal Disclaimer: This ransomware victim record reflects information published on the operator's leak site. Breach.house does not acquire, download, host, access or redistribute unlawfully obtained data. It indexes only publicly visible information posted by ransomware, breach and infostealer operators and open web sources, without accessing the underlying stolen content. The service supports public awareness, legitimate research and cyber-resilience.