The Qilin ransomware group has updated its dark web leak site with a significant list of alleged new victims. The group, known for its “Ransomware-as-a-Service” (RaaS) operations targeting critical industries, has claimed responsibility for breaching organizations across the United States, Europe, and Canada.
The latest list of alleged victims posted by the group includes:
-
Lake Superior State University (🇺🇸): A public university located in Sault Ste. Marie, Michigan.
-
BioPharma Services (🇨🇦): A clinical research organization (CRO) specializing in Phase I/IIa clinical trials.
-
Christofle (🇫🇷): A historic French luxury silversmith and tableware manufacturer.
-
Blue Projects (🇷🇴): A global engineering and project management firm for the industrial sector.
-
Zecher (🇩🇪): A specialized manufacturer of anilox rollers for the printing industry.
-
Paal (🇩🇪): A leading manufacturer of baling presses and waste compactors.
-
New England Tractor Trailer Training School (NETTTS) (🇺🇸): A vocational school specializing in commercial driving training.
-
Inspire Communities (🇺🇸): An owner and operator of manufactured home communities across the US.
-
Burnham Brown (🇺🇸): A pre-eminent business law firm based in California.
-
Eastek International (🇺🇸): A global contract manufacturer and supply chain management company.
-
Disston (🇺🇸): A manufacturer of saw blades, drill bits, and other power tool accessories.
-
Workflow Concepts (🇺🇸): A provider of business communication, collaboration, and IT solutions.
-
Columbia Medical Practice (🇺🇸): A large multi-specialty medical practice in Maryland.
-
Nottingham Village (🇺🇸): A senior living and healthcare community.
The allegedly compromised data includes a variety of sensitive internal documents. Based on the proof-of-compromise screenshots released by the actors, the leaks reportedly contain:
-
Financial documents, including invoices, cash flow summaries, and purchase orders.
-
Legal documents, such as non-disclosure agreements (NDAs) and logistics contracts.
-
Employee and trainee records, including training logs with signatures.
-
Internal compliance reports and audit details.
-
Personal identification and administrative forms.












