The Qilin ransomware group has allegedly published data belonging to several international companies, adding them to its dark web leak site. The group claims to have exfiltrated a significant volume of sensitive information from victims in the United Kingdom, the United States, and Singapore. The targeted entities operate in diverse and critical sectors, including critical infrastructure manufacturing, software development, global agriculture, and business consulting, raising serious concerns about the potential impact of the exposed data.
The list of victims allegedly compromised by the Qilin ransomware operation includes:
- 🇬🇧 Flamgard Calidair: A UK-based global leader in manufacturing high-integrity damper products used in critical applications like nuclear power stations, tunnels, and marine vessels. The attackers claim to have leaked the company’s entire operational data, including sensitive product blueprints and schematics, financial records, and the personal data of all employees and customers. The breach also allegedly created an access point to its parent company, Halton Corporation.
- 🇺🇸 Master System Inc: Headquartered in Arcadia, California, this company develops and supports enterprise management software for thousands of distributors. The ransomware group allegedly leaked all of the company’s MSSQL databases and client files located on cloud and local servers.
- 🇸🇬 Musim Mas Group: One of the world’s largest integrated palm oil corporations, based in Singapore. The breach allegedly occurred via the company’s German division, exposing financial information, budgets, and personal data of employees and customers. The actors claim the leak also exposed details about the parent company’s operations.
- 🇺🇸 NPi Audio Visual Solutions: A US company that organizes and hosts private business events and conventions for high-profile clients. The exposed data allegedly includes confidential client information, budgets, contracts, and staff salaries, which could fall under the Ohio Data Protection Act (ODPA).
- 🇺🇸 Blytheco: A prominent US consulting firm providing business management software solutions since 1980. The allegedly leaked data includes detailed internal financial and operational documents.
- 2025 project budgets and employee workload reports
- Detailed payroll registers for July 2025
- Bank of America statements for the company’s operating account
- Software licensing agreements
- Confidentiality and Mutual Non-Disclosure Agreements (MNDA) with clients
