Ransomware victim disclosure
← All victimsRedeplast
listed as redeplastrs.com.br · Claimed by Blackfield · listed 5 hours ago
Status timeline
- ListedJul 3, 2026
- Data leakeddate unknown
At a glance
- Group
- Blackfield
- Status
- Data leaked
- Country
- Brazil
- Sector
- Manufacturing
- Listed on leak site
- Jul 3, 2026
About the victim
AI dossier — public-source company profileRedeplast is a Brazilian footwear and handbag manufacturer founded in 2002, based in Novo Hamburgo, Rio Grande do Sul. With over 20 years of experience, the company produces PVC-injected shoes and bags for major national and international brands, exporting to Europe and North America. The facility operates with 350+ employees and produces approximately 9,000 units daily across a 5,000 m² manufacturing plant.
- Industry
- Footwear & Handbag Manufacturing (PVC-injected)
- Address
- Novo Hamburgo, RS, Brazil
- Employees
- 350
- Founded
- 2002
Attack summary
Severity: medium — Data published by the group with disclosed status, but no specific evidence of regulated/sensitive data (PII at scale, financial, medical) is mentioned in the available excerpt. No proof file count is documented. The company handles customer/client data and business records of moderate sensitivity in a manufacturing context.Blackfield claims to have breached Redeplast and published exfiltrated data. The specific data categories compromised are not detailed in the truncated leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Client information
- Operational data
What the group claims
Redeplast is a Brazilian footwear manufacturer with over 20 years of experience in the industry. The...
Sources
Source
Indexed 5 hours agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

