Ransomware Group: QILIN

VICTIM NAME: Habitat for Humanity of Greater Sioux Falls, Inc[.]

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to Habitat for Humanity of Greater Sioux Falls, a non-profit organization dedicated to affordable housing initiatives within the community. The attack was publicly disclosed with a confirmed compromise date of June 25, 2025. The breach may have resulted in the exposure of internal data; however, specific details about compromised information have not been publicly disclosed. The leak page includes a screenshot indicating that sensitive information, potentially related to internal operations or client data, was accessed or targeted. The victim operates in the public sector within the United States and focuses on improving community living standards through shelter programs.

The attack was carried out by a group identified as “Qilin,” which is known for ransomware activities. The incident was discovered the day after the breach, on June 26, 2025. The leak offers a claim URL on the dark web where additional details or proof of the breach might be available, though the specifics of the data stolen are not detailed publicly. The organization’s website discusses its mission to advocate for affordable housing, emphasizing its community service role rather than commercial activity. The leak’s image includes visual evidence of the breach, showing screenshots of internal documents or system information, but no explicit sensitive details are shared here.