The Qilin ransomware group claims to have breached Grandes Vinos, a prominent Spanish winery and wine distributor headquartered in Zaragoza. Known for its extensive network of winegrowers and its presence in the Cariñena region, the company has allegedly been compromised by the threat actor, which has threatened to publish internal data if their demands are not met. The leak site displays a countdown timer indicating the imminent release of the stolen information.
According to the actor, they have exfiltrated 620 GB of data consisting of 292,922 files. The allegedly compromised data includes:
-
Personal Identification Documents: Scans of Spanish National ID cards (DNI) and passports belonging to individuals.
-
Legal Contracts: Lease agreements (such as vehicle leases) and commercial contracts involving “Grandes Vinos y Viñedos S.A.”
-
Internal Spreadsheets: Employee or partner contact lists, including “Grocery Licensee Contacts” with names and email addresses.
-
Financial Records: Invoices, budget breakdowns, and payment records.
-
Product Information: Details regarding wine inventory and product listings (e.g., Torres Gran Coronas Reserva).
