The Qilin ransomware group has allegedly claimed responsibility for a massive cyberattack, targeting at least eleven organizations across the globe. The threat actor has published a significant volume of data allegedly exfiltrated from the victims, which span diverse sectors including manufacturing, construction, education, healthcare, and even law enforcement. The breached entities are located in the United States, Canada, Japan, and Australia, highlighting the international scope of this coordinated campaign.
The leaked information appears to be highly sensitive and varies by victim. For some, the breach includes internal financial documents, corporate agreements, and insurance policies. For others, the impact is more personal, with the exposure of employee and student records, passport details, medical examinations, and police incident reports. The publication of this data on the dark web puts the affected companies, their employees, and their clients at significant risk of fraud, identity theft, and other malicious activities. The full extent of the breach is still under investigation as the victim organizations have not yet publicly commented on the incident.
The following organizations were allegedly compromised by the Qilin ransomware group:
- Shinko Plastics Co. Ltd: A leading Japanese manufacturer and seller of plastic sheets, films, and raw materials. Leaked data allegedly includes financial data, budgets, and supplier and customer contacts.
- Belmont Christian College: An educational institution in New South Wales, Australia. Exposed information reportedly contains internal data, personal details of students and employees, and financial records related to charitable contributions and institutional expenses.
- Sota Construction Services: A Pittsburgh-based provider of commercial and residential construction services. The breach allegedly exposed mortgage notes, certificates of liability insurance, police incident reports, and a non-disclosure agreement with Robert Morris University.
- Studebaker Submetering: A company specializing in water consumption metering systems. Leaked files reportedly include client agreements, subcontracts for construction projects, audit reports, and a US passport.
- CS Truck & Trailer (csrepair.com): A comprehensive fleet service provider specializing in truck and trailer repair and maintenance. The leaked data allegedly contains employee documents, including a notarized affidavit, a resignation letter, and a termination form.
- Lodi Police Department (lodipd.org): A municipal police department in the United States. The highly sensitive leak allegedly includes US citizen passport cards, foreign passport pages, training invoices with officer details, police reports, court summons, and medical bills for officer examinations.
- Camdon Construction (camdon.ca): An Alberta-based construction and project management company. The data breach allegedly exposed tender project documentation, employee tax forms (T4), a Canadian passport application, and an insurance claim.
- Avosina Healthcare Solutions (avosinamed.com): A provider of medical billing and IT services with operations in the US and India. Exposed documents reportedly include employee payslips, service agreements, and sensitive patient medical records, including intake forms, invoices, and ultrasound reports.
- EyeQ Monitoring: A major US provider of real-time video surveillance services. The leak allegedly contains client invoices, a passport, legal notices, an access control system contract, a vehicle lease agreement, and corporate filing invoices.
- Lawrence Paper (lpco.co): A designer and manufacturer of corrugated boxes and packaging solutions. Allegedly leaked data includes the company’s complete 2025 insurance policy, financial agreements, tax returns, bank statements, and sales reports.
- Ryeco: An international company servicing and manufacturing paper, hygiene, and recycling products. The breach reportedly exposed equipment lease agreements, supplier code of conduct compliance letters, insurance policies, and documents related to employee benefits and payment planning.
