Ransomware victim disclosure
← All victimsCarmelo Candy Inc
Claimed by Nightspire · listed 3 months ago
Status timeline
- ListedApr 6, 2026
- Data leakeddate unknown
At a glance
- Group
- Nightspire
- Status
- Data leaked
- Country
- United States
- Sector
- Consumer Services
- Listed on leak site
- Apr 6, 2026
About the victim
AI dossier — public-source company profileCarmelo Candy Inc appears to be a US-based candy and confectionery company operating an online retail storefront at shop.caramelo-candy.com. The company is engaged in the sale of candy and related consumer goods. No further verified details about scale, headquarters, or founding date are available from the provided sources.
- Industry
- Confectionery & Candy Retail
Attack summary
Severity: medium — Data is listed as published, indicating confirmed exfiltration, but no details on data type, volume, or sensitivity are available; the sector (consumer confectionery retail) does not inherently involve large-scale regulated data, limiting severity to medium absent further evidence.The Nightspire ransomware group claims to have attacked Carmelo Candy Inc and lists the disclosure status as data_published, suggesting data exfiltration has occurred. No specific details about the nature of the data or scope of the attack are available from the truncated leak post.
Original description
AI-summarised, not from the leak postN/A
Sources
- Victim sitewww.shop.caramelo-candy.com
Source
Indexed 3 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

