A threat actor claims to have breached Nasajon, a Brazilian company specializing in Enterprise Resource Planning (ERP) systems designed to ensure accurate management for businesses. The incident reportedly occurred in November 2025, resulting in the exfiltration of sensitive proprietary data.
According to the actor, the compromised data consists of a significant collection of the company’s source code. The released sample file indicates a comprehensive file structure covering various critical modules of the company’s software suite.
The allegedly compromised data includes:
-
Source code repositories for ERP modules (Admin, Accounting, CRM, Inventory, and Finance)
-
Development files for Point of Sale (PDV) and Tax reporting (DIRF) systems
-
Database scripts and schema configurations
-
Project structures involving Delphi, Java, and Python environments












