Ransomware victim disclosure
← All victimsPUNTO
listed as Punto.bg · Claimed by Ransomedvc · listed 3 years ago
Status timeline
- ListedSep 26, 2023
- Data leakeddate unknown
At a glance
- Group
- Ransomedvc
- Status
- Data leaked
- Country
- Bulgaria
- Sector
- Technology
- Listed on leak site
- Sep 26, 2023
- Ransom demanded
- $30.000
About the victim
AI dossier — public-source company profilePUNTO (punto.bg) is a Bulgarian retail chain specialising in footwear, bags, and accessories for women, men, and children. The company operates multiple physical store locations across Bulgaria and sells brands such as Tamaris, WIRTH, Suie Valentini, and Jorge Bischoff. It also runs an e-commerce platform with multi-currency and multilingual support.
- Industry
- Footwear & Accessories Retail
Attack summary
Severity: medium — The group claims exfiltration and threatens publication, and the status is marked data_published, but no specific sensitive regulated data (e.g. financial records at scale, medical) is confirmed, no proof files are described, and no data volume is stated. A retail e-commerce target likely holds customer PII and payment-adjacent data, warranting medium severity.RansomedVC claims to have exfiltrated data from PUNTO and threatens to publish all obtained information unless a ransom of $30,000 is paid. The post does not specify encryption of systems, focusing instead on a data-leak extortion threat.
Data the group says was taken
AI dossier — extracted from the leak post- Customer personal data
- Order and transaction records
- Employee information
- Business/internal documents
What the group claims
We will leak all of the info we have on you if we dont get paid.We require a ransom of $30,000
Sources
- Victim sitepunto.bg
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

