Ransomware victim disclosure
← All victimsSika Footwear
Claimed by Worldleaks · listed 11 months ago
Status timeline
- ListedAug 26, 2025
- Data leakeddate unknown
At a glance
- Group
- Worldleaks
- Status
- Data leaked
- Country
- Denmark
- Sector
- Consumer Services
- Listed on leak site
- Aug 26, 2025
About the victim
AI dossier — public-source company profileSika Footwear is a Danish company that manufactures and sells professional work footwear, including shoes, clogs, boots, and sandals designed for sectors such as healthcare, hospitality, construction, food industry, and heavy industry. The company operates a multi-brand e-commerce platform offering products certified to EN ISO 20345 and EN ISO 20347 safety standards. It distributes brands including SIKA, BRYNJE, ELTEN, COFRA, DUNLOP, and others across multiple European markets.
- Industry
- Work & Safety Footwear Manufacturing & Retail
Attack summary
Severity: medium — Data has been published, indicating confirmed exfiltration, but no details on data type, scale, or sensitivity (e.g. PII, financial records) are provided in the post, limiting severity to medium.The worldleaks group claims to have compromised Sika Footwear and has published data (disclosed status: data_published), though the leak post provides no specific details on encryption or volume of exfiltrated files.
Data the group says was taken
AI dossier — extracted from the leak post- Unspecified company data
Original description
AI-summarised, not from the leak postSika Footwear is a Danish company specializing in manufacturing and selling work footwear specifically designed for the needs and comfort of professionals in various sectors such as healthcare, hospitality, and construction. It prioritizes user comfort, durability of products, foot safety, as well as stylish design. The company produces shoes, clogs, and boots suitable for different work environments.
Sources
Source
Indexed 11 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

