Cyber Incident Victim: RMD Kwikform
Date: Dec 2020
Location: United Kingdom
Summary
A construction firm involved in building the NHS Nightingale Hospital suffered a cyber attack involving encryption of all servers and workstations, coupled with a significant data breach. The REvil (Sodinokibi) group claimed responsibility, alleging theft of over 700GB of critical information including financial records, contracts, banking documents, email communications, and technical data, providing directory screenshots as evidence. The incident disrupted operations at the company, which had a parent organization previously targeted in a separate cyber attack.
Description
In November 2020, RMD Kwikform, a Walsall-based construction firm involved in building the NHS Nightingale Hospital, experienced a cybersecurity breach. The REvil (Sodinokibi) ransomware group claimed responsibility, asserting they had encrypted all company servers and workstations. Attackers alleged exfiltration of over 700GB of critical data including financial records, contractual agreements, banking documents, sales histories, email communications, databases, and technical specifications. As evidence, REvil published directory screenshots purportedly from the compromised systems. The incident was publicly disclosed on December 6, 2020, following BirminghamLive's initial reporting about the attack. RMD Kwikform confirmed it was actively investigating the security incident but did not provide specifics regarding operational disruption or data verification.

The breach occurred against a backdrop of prior cybersecurity issues affecting the company's corporate structure. RMD Kwikform's parent company, Interserve, had itself been targeted in a separate cyber attack earlier in 2020, though no explicit connection between the two incidents was established in available reports. REvil's public claims emphasized the scale of data compromise but did not disclose specific ransom demands or data release timelines. No customer or employee data specifics were confirmed in initial disclosures. The company's investigation remained ongoing at the time of public reporting, with no subsequent containment measures or recovery actions detailed in source material. BirminghamLive served as the primary public conduit for initial breach notification before cybersecurity outlets amplified the disclosure.
