Ransomware victim disclosure
← All victimsDistrict Shoes
listed as districtshoes.bg · Claimed by Ransomedvc · listed 3 years ago
Status timeline
- ListedSep 26, 2023
- Data leakeddate unknown
At a glance
- Group
- Ransomedvc
- Status
- Data leaked
- Country
- Bulgaria
- Sector
- Retail & Consumer
- Listed on leak site
- Sep 26, 2023
- Ransom demanded
- $15.000
About the victim
AI dossier — public-source company profileDistrict Shoes (districtshoes.bg) is a Bulgarian online and brick-and-mortar retailer specialising in sports footwear, apparel, and accessories. It stocks major international brands including Nike, Adidas, Puma, Converse, Reebok, and over 100 others, serving men, women, and children. The company describes itself as Bulgaria's largest sporting-goods site and operates physical stores under the 'District' and 'Sport Depot' banners.
- Industry
- Sporting Goods & Footwear Retail
Attack summary
Severity: medium — Exfiltration is claimed against a consumer e-commerce retailer holding customer PII and order data, but no proof files have been published, data volume is unspecified, and the ransom demand is relatively small, limiting confirmed impact.RansomedVC claims to have exfiltrated data from districtshoes.bg and threatens to publish all held information unless a ransom of $15,000 is paid; the post does not specify encryption of systems.
Data the group says was taken
AI dossier — extracted from the leak post- Customer personal information
- Customer email addresses
- Order history
- Account credentials
- Potentially payment-related data
What the group claims
We will leak all of the info we have on you if we dont get paid.We require a ransom of $15,000
Sources
- Victim sitedistrictshoes.bg
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

