The Qilin ransomware group has allegedly targeted multiple US-based organizations, adding them to its dark web leak site. The group claims to have exfiltrated a significant volume of sensitive data from a law firm and a specialty flavor manufacturer, publishing proof of the breaches. The attacks, posted on August 13, 2025, threaten to expose confidential business and client information if the companies do not comply with the attackers’ demands.
Among the victims listed is The Paul Wilkinson Law Firm, which appears to have suffered a massive data breach. The threat actors claim to have stolen 1.8 TB of data, encompassing over 1.5 million files. Another victim, Flavor & Fragrance Specialties, also had its internal documents exposed. The leaks underscore the significant operational and reputational risks organizations face from sophisticated ransomware attacks that target sensitive legal, financial, and client data.
The victims of the alleged Qilin ransomware attack include:
- The Paul Wilkinson Law Firm 🇺🇸: A personal injury law firm based in Denver, USA, that specializes in representing victims of car, truck, and motor vehicle accidents. The allegedly exfiltrated data includes:
- Detailed descriptions of all cases handled by the firm
- Client personal data
- Accident reports and case details
- Flavor & Fragrance Specialties (FFS[.]com) 🇺🇸: A US-based Lucta brand that creates flavorings for coffee and other beverages. The allegedly exfiltrated data includes:
- Financial reports detailing cost items, salaries, taxes, and net profit.
- A completed Paycheck Protection Program (SBA) application form containing company legal details, financial indicators, and employee data.
- A corporate bank statement showing transactions, payment purposes, and counterparties.
- Internal financial reports with monthly and annual figures, budgets, and historical data.
