Ransomware victim disclosure
← All victimsComOferta
listed as comoferta.com · Claimed by Darkvault · listed 2 years ago
Status timeline
- ListedAug 8, 2024
- Data leakeddate unknown
At a glance
- Group
- Darkvault
- Status
- Data leaked
- Country
- Brazil
- Sector
- Business Services
- Listed on leak site
- Aug 8, 2024
About the victim
AI dossier — public-source company profileComOferta is a Brazilian promotion-sharing platform that enables retailers to advertise consumer offers and allows users to discover, purchase, and share deals on social networks. The platform aggregates supermarket and retail offers across product categories ranging from groceries to electronics.
- Industry
- Software & Digital Services / E-commerce Platform
Attack summary
Severity: medium — Data has been published by the group (disclosed status confirmed), indicating exfiltration occurred. However, no specific sensitive data categories (PII at scale, financial, medical, regulatory) are confirmed in the leak post or site evidence. The platform primarily handles non-sensitive offer listings and user-generated deal shares, though user account databases could contain personal information.Darkvault claims to have compromised ComOferta's systems. The group has published data from the attack but provided no specific details about encryption, exfiltration scope, or data types affected.
Data the group says was taken
AI dossier — extracted from the leak post- user accounts
- retailer/merchant information
- offer data
- platform source code or configuration
What the group claims
Developer of a promotion-sharing application designed to offer an online channel for the dissemination of offers. The company's platform allows retailers to advertise their offers to consumers who can still share these offers on their social networks, with basic information about the product, price and establishment, enabling users to buy and share deals with their network.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

