Ransomware victim disclosure
← All victimsZone Soft
listed as zonesoft.pt · Claimed by Ranstreet · listed 3 years ago
Status timeline
- ListedDec 21, 2023
- Data leakeddate unknown
At a glance
- Group
- Ranstreet
- Status
- Data leaked
- Country
- Portugal
- Sector
- Technology
- Listed on leak site
- Dec 21, 2023
About the victim
AI dossier — public-source company profileZone Soft is a Portuguese software company specializing in point-of-sale (POS), mobility, and commercial management solutions for restaurants, retail, and hospitality businesses. Operating for 20 years with over 42,000 licenses deployed across Portugal, Brazil, Spain, South Africa, and Cape Verde, the company serves more than 30,000 clients with integrated payment, invoicing, and inventory management platforms.
- Industry
- Point-of-Sale & Business Management Software
- Founded
- 2006
Attack summary
Severity: medium — Data has been published by the threat actor and the company handles sensitive customer and payment data for thousands of businesses across multiple countries. However, the absence of a leak post excerpt, proof file counts, and specific data inventory details limits confidence in impact assessment.RanStreet group claims to have compromised Zone Soft and published exfiltrated data. No specific details on data scope, encryption activity, or proof files are provided in the available disclosure.
Data the group says was taken
AI dossier — extracted from the leak post- Customer databases
- Business management records
- Payment processing data
- Client operational records
Sources
- Victim sitezonesoft.pt
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

