Ransomware victim disclosure
← All victimsKasida
listed as kasida.bg · Claimed by Ransomedvc · listed 3 years ago
Status timeline
- ListedSep 9, 2023
- Data leakeddate unknown
At a glance
- Group
- Ransomedvc
- Status
- Data leaked
- Country
- Bulgaria
- Sector
- Technology
- Listed on leak site
- Sep 9, 2023
- Ransom demanded
- $8.000
About the victim
AI dossier — public-source company profileKasida (kasida.bg) is a Bulgarian online retailer specialising in baby and children's products, including strollers, car seats, nursery furniture, clothing, footwear, toys, feeding equipment, and related accessories. The store operates in Bulgaria and offers its interface in Bulgarian and supports EUR and BGN currencies. It appears to be a dedicated e-commerce platform for parents and young families.
- Industry
- Baby & Children's Products Retail (E-commerce)
Attack summary
Severity: high — The group claims confirmed exfiltration of the full database (likely containing customer PII such as names, addresses, and order/payment data) combined with deliberate deletion of all backups, causing potential operational disruption and data loss. This constitutes confirmed exfiltration of PII at scale with additional destructive impact.RansomedVC claims to have gained access to Kasida's critical infrastructure, exfiltrated its database, and deleted all server backups, demanding an $8,000 ransom. The post references 'linktera' infrastructure, suggesting a possible hosting or platform provider relationship.
Data the group says was taken
AI dossier — extracted from the leak post- Customer database
- Server backups
- Critical infrastructure access
What the group claims
We have been able to access all of linktera critical infrastructure including her database, we dumped and then deleted all backups from the serversWe require a ransom of $8,000
Sources
- Victim sitekasida.bg
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

