Ransomware Group: QILIN

VICTIM NAME: regentscapital[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Regents Capital Corporation, a financial services firm based in the United States. The attack was discovered on June 5, 2025, and the compromised data is scheduled for public disclosure on June 17, 2025. The leak indicates that sensitive information belonging to the company may be available for download once the specified date arrives. The page includes a screenshot depicting internal details or documents related to the victim organization, highlighting the breach’s potential severity.

The incident involves the exfiltration of corporate data, potentially affecting the company’s operations and client information. The leak appears to target data associated with the company’s activities in equipment financing, which is a core sector of its business. The ransomware group has publicly announced the breach and provided a URL for the leak, emphasizing the threat posed by the cybercriminal group. No specific PII or employee information is indicated, but the publication of such data could have serious implications for the company’s reputation and client trust.

The victim’s website is registered under the domain “regentscapital.com,” and the breach is linked to the “qilin” threat actor group. The leak is part of a broader campaign emphasizing the risk to financial sector organizations from targeted ransomware attacks. Additional details suggest that the attackers have collected extensive data, which, upon release, could include confidential business information. The leak has been timestamped as discovered at 21:51 on June 5, 2025, and a screenshot of the compromised data appears to include internal documents or communications, though specific contents are not disclosed. The information shared underscores the importance of cybersecurity vigilance in the financial services industry to prevent such damaging breaches.