Ransomware Group: QILIN

VICTIM NAME: pinnacle Roofing and Exteriors

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak involves Pinnacle Roofing and Exteriors, a company based in Charlotte, North Carolina, specializing in roofing and exterior services such as metal, slate, shingles, gutters, and custom metal fabrication. The leak was discovered on July 13, 2025, indicating a recent compromise that potentially exposes sensitive business information. The attack date is reported as July 13, 2025, suggesting that the breach occurred around that time. The page includes a screenshot of internal documents, which may contain business-related or operational data, but no explicit sensitive details are disclosed publicly. The incident is linked to a group known as “qilin,” and the leak is managed through the specified dark web claim URL, which provides further details to authorized parties.

The leak’s content appears to include data collection and potentially confidential information related to the company’s operations. The focus on the leak suggests that cybercriminals may have accessed proprietary data, client information, or internal communications. No personally identifiable information of clients or employees is publicly visible, and the leak seems primarily centered around business data. The ransomware group has shared a screenshot of internal documents as evidence of their access. The incident underscores the growing threat to construction industry firms from cyberattacks, emphasizing the need for enhanced cybersecurity measures to protect operational integrity and sensitive data.