Ransomware victim disclosure
← All victimsCasta Diva Group
Claimed by Payoutsking · listed 17 hours ago
Status timeline
- ListedJul 14, 2026
- Data leakeddate unknown
At a glance
- Group
- Payoutsking
- Status
- Data leaked
- Country
- Italy
- Sector
- Hospitality and Tourism
- Listed on leak site
- Jul 14, 2026
About the victim
AI dossier — public-source company profileCasta Diva Group is an Italian communications and entertainment company headquartered in Milan, Italy. Operating for approximately 20 years, the group specializes in event production, branded entertainment, digital communication, and audiovisual content creation, serving corporate clients and institutions across Italy and international markets with offices in multiple cities including Rome, Bergamo, Buenos Aires, Cape Town, Istanbul, Los Angeles, and others.
- Industry
- Media, Events & Live Entertainment
- Address
- Milan, Italy
Attack summary
Severity: medium — Data published status indicates exfiltration occurred, but no specific data types, proof files, or sensitive information categories are documented in the available post. The company handles client data and communications but no confirmation of regulated or highly sensitive data exposure.The payoutsking group claims to have exfiltrated data from Casta Diva Group. No specific details regarding encryption, operational disruption, or data categories are provided in the available post.
Original description
AI-summarised, not from the leak postCasta Diva Group is an Italian communications and entertainment company headquartered in Milan, Italy. It operates in the media, events, and live entertainment industry, offering services including event production, branded entertainment, digital communication, and audiovisual content creation. The group serves corporate clients and institutions, managing large-scale events, product launches, and integrated communication campaigns across Italy and international markets.
Sources
Source
Indexed 17 hours agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

