Ransomware victim disclosure
← All victimsPUNTO
listed as Punto.bg · Claimed by Ransomed · listed 3 years ago
Status timeline
- ListedSep 26, 2023
- Data leakeddate unknown
At a glance
- Group
- Ransomed
- Status
- Data leaked
- Country
- Bulgaria
- Sector
- Technology
- Listed on leak site
- Sep 26, 2023
- Ransom demanded
- $30.000
About the victim
AI dossier — public-source company profilePUNTO (punto.bg) is a Bulgarian retail chain specialising in footwear, handbags, and accessories for women, men, and children. The company operates multiple physical store locations across Bulgaria and an e-commerce platform, carrying both exclusive and popular brands including Tamaris, WIRTH, and Jorge Bischoff. It serves a broad consumer market with seasonal collections and promotional campaigns.
- Industry
- Footwear & Accessories Retail
Attack summary
Severity: medium — The group claims exfiltration and threatens publication, but no proof files have been published and no specific regulated or sensitive data (e.g. payment card data, medical records) is confirmed. The victim is a retail e-commerce operator, so customer PII and order data are plausibly at risk, but the absence of published proof and unverified claims limit severity to medium.The ransomed group claims to have exfiltrated data from PUNTO and threatens to publish all obtained information unless a $30,000 ransom is paid; the post does not specify encryption of systems.
Data the group says was taken
AI dossier — extracted from the leak post- Customer personal data
- Business/operational data
- Potentially e-commerce transaction records
What the group claims
We will leak all of the info we have on you if we dont get paid.We require a ransom of $30,000
Sources
- Victim sitepunto.bg
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

