The Qilin ransomware group claims to have breached Rex-Hide Inc., a United States-based manufacturing company specializing in custom rubber products. The company, which operates multiple subsidiaries, was added to the group’s extortion blog.
According to the actor, a significant amount of data was exfiltrated during the attack. Sample files shared by the group as proof of compromise appear to include:
- Financial documents, including payroll and petty cash spreadsheets.
- Internal CRM and customer data from systems like XoView.
- Work orders, shipping archives, and auction approval forms.
- Documents related to subsidiaries and partners, including Pinnacle, Garcorp, and Rainbow.
- Files related to major customers, including shipping documents for SpaceX and Lockheed Martin.
- Executable setup files and internal IT shortcuts.
