Ransomware victim disclosure
← All victimsSupercash (Reuploaded)
Claimed by Spacebears · listed 9 months ago
Status timeline
- ListedOct 20, 2025
- Data leakeddate unknown
At a glance
- Group
- Spacebears
- Status
- Data leaked
- Country
- Spain
- Listed on leak site
- Oct 20, 2025
About the victim
AI dossier — public-source company profileSupercash is a Spanish cash-and-carry wholesale distributor operating under the domain supercash.es, serving the hospitality and food service sector. The company supplies bulk food, fresh produce, beverages, cleaning products, and household goods to hotels, restaurants, and catering businesses. It operates multiple cash-and-carry centres, primarily in the Asturias region of Spain based on the 985 area code.
- Industry
- Cash & Carry Wholesale Food & Beverage Distribution
- Address
- Spain (Asturias region inferred from area code 985)
Attack summary
Severity: medium — Data is marked as published, indicating confirmed exfiltration, but the leak post contains no description of the actual data stolen from Supercash, no stated data volume, and no evidence of regulated or highly sensitive data categories such as PII at scale, financial, or medical records. The victim is a regional wholesale food distributor, limiting likely data sensitivity.The Spacebears ransomware group claims to have attacked Supercash and has published data (disclosed status: data_published). Notably, the group's leak post text describes Johnson & Johnson Innovative Medicine rather than Supercash, suggesting a copy-paste error or deliberate obfuscation in the post content.
Data the group says was taken
AI dossier — extracted from the leak post- Unknown — leak post content does not describe Supercash-specific data
What the group claims
Supercash is a family business with over 40 years of experience. We specialize in distributing a wide variety of products for the hospitality industry. We offer convenient shopping and personalized service. We have five cash and carry centers located throughout the northern region: Oviedo, Avilés, Gijón, Valladolid, and León.They are clients of Gesimde Asociados S.L. The leak was made possible by this companyDatabasePersonal information of employees and clientsFinancial documents https://www.supercash.es/
The leak post
captured from the group's site## Johnson & Johnson Innovative Medicine Johnson & Johnson Innovative Medicine (formerly known as Janssen Pharmaceuticals) is the pharmaceutical division of the American corporation Johnson & Johnson, specializing in the development and production of revolutionary medicines. The company focuses on creating treatments for the most complex diseases, transforming the future of healthcare.
Sources
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

