The Qilin ransomware group has allegedly claimed responsibility for successful cyberattacks against two disparate international companies, leaking a significant amount of data for both. The victims, a major Swedish tour operator and a US-based insurance adjustment firm, appeared on the threat actor’s dark web leak site on August 4th. The group has published files allegedly stolen from both organizations, exposing sensitive customer and corporate information to the public.
The targeted organizations are:
- STS Alpresor: Described as the largest tour operator in the Nordic region, STS Alpresor has been operating since 1976. The Swedish company serves approximately 50,000 travelers annually, organizing trips to the Alps from Sweden, Norway, and Finland.
- Eastern Adjustment Company, Inc.: A locally-owned Independent Adjusting firm in the United States. The company specializes in assisting insurers with the adjustment of losses and claims related to fire, marine, casualty, and both personal and commercial property.
The data leak from STS Alpresor is allegedly comprehensive, with the attackers claiming to have published the company’s “full archive.” This allegedly includes sensitive customer booking information such as names, phone numbers, and reservation details. The breach also purportedly exposed internal corporate data. For Eastern Adjustment Company, the attackers claim to have leaked 11 GB of data, including what appears to be sensitive client claim forms, licensee personal information, and internal employee lists.
