Spim.ru

In October 2024 a threat actor known as Shadow posted a database belonging to the Russian sleep products online store spim.ru on a darknet forum. The incident involved approximately 400,000 user data records and 160,000 customer call entries. The compromise exposed sensitive personal information including full names, contact details, and physical addresses. The data appears to have been exfiltrated from the company backend systems and shared publicly for free or sale on criminal platforms.