Ransomware victim disclosure
← All victimsTiendas Carrión & Fernández S.L.
listed as Tiendas Carrion & Fernandez · Claimed by Blacklock · listed 1 year ago
Status timeline
- ListedMay 16, 2025
- Data leakeddate unknown
At a glance
- Group
- Blacklock
- Status
- Data leaked
- Country
- Spain
- Sector
- Consumer Services
- Listed on leak site
- May 16, 2025
- Ransom demanded
- $5M
About the victim
AI dossier — public-source company profileTiendas Carrión & Fernández is a Spanish retail company operating physical stores and an e-commerce presence. The company sells consumer products and runs seasonal promotions, with 100–249 employees and estimated revenue of $5M–$10M.
- Industry
- Retail & Consumer Goods
- Employees
- 100-249
Attack summary
Severity: high — Data has been published by the group (confirmed exfiltration). Retail company likely holds customer PII and payment data; SME-scale operational disruption and reputational damage to a mid-sized business.BlackLock claims to have encrypted systems and exfiltrated data from Tiendas Carrión & Fernández. The group demanded $5M ransom and has published data as proof.
Data the group says was taken
AI dossier — extracted from the leak post- business records
- customer information
- operational data
What the group claims
Retail · Spain Tiendas Carrion & Fernandez Sl is a company that operates in the Retail industry. It employs 100 - 249 people and has $5M - $10M of revenue.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

