Ransomware victim disclosure
← All victimsKasida
listed as kasida.bg · Claimed by Ransomed · listed 3 years ago
Status timeline
- ListedSep 9, 2023
- Data leakeddate unknown
At a glance
- Group
- Ransomed
- Status
- Data leaked
- Country
- Bulgaria
- Sector
- Technology
- Listed on leak site
- Sep 9, 2023
- Ransom demanded
- $8.000
About the victim
AI dossier — public-source company profileKasida (kasida.bg) is a Bulgarian online retailer specialising in baby and children's products, including prams, car seats, nursery furniture, clothing, footwear, feeding accessories, and toys. The site operates in Bulgarian and targets parents and families in Bulgaria, offering a wide catalogue across multiple product categories. It accepts both EUR and BGN currencies, suggesting a domestic and potentially broader European customer base.
- Industry
- Baby & Children's Products Retail (E-commerce)
Attack summary
Severity: high — The group claims full database exfiltration and deliberate deletion of all backups, which constitutes confirmed data theft and operational sabotage. An e-commerce customer database likely contains PII (names, addresses, payment details) at potentially significant scale, and backup deletion causes direct operational disruption.The Ransomed group claims to have accessed all critical infrastructure of the target, exfiltrated (dumped) the database, and deleted all server backups, demanding a ransom of $8,000. The leak post references 'linktera' in the description, suggesting possible confusion with or overlap between victims.
Data the group says was taken
AI dossier — extracted from the leak post- Customer database
- Server backups
What the group claims
We have been able to access all of linktera critical infrastructure including her database, we dumped and then deleted all backups from the serversWe require a ransom of $8,000
Sources
- Victim sitekasida.bg
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

