The Qilin ransomware group has allegedly added Yapi Teknik Proje, a prominent Turkish engineering and project management firm, to its dark web leak site. Established in Istanbul in 1988, Yapi Teknik specializes in the static design, project planning, and implementation of reinforced concrete, steel, and timber structures for major national and international projects. The company has a significant portfolio that includes housing and business centers, water treatment plants, bridges, and factory buildings, highlighting its important role in the region’s infrastructure development.
The threat actors published several screenshots of what appears to be sensitive internal documents as proof of the breach. The allegedly exfiltrated data seems to be extensive and primarily financial in nature, potentially exposing the company’s internal operations, financial health, and business relationships. The publication of this data on the group’s leak site is a common tactic used by ransomware gangs to pressure victims into paying the demanded ransom.
Based on the evidence presented by the Qilin group, the compromised information allegedly includes:
- Financial statements and balance sheets
- Detailed income and expense tables
- Current account status reports for customers and suppliers
- Lists of clients and partners with outstanding balances
- Internal cost analysis and production-related spreadsheets
- Personnel and departmental lists
