[QILIN] – Ransomware Victim: Middlesex Appraisal Associates

AI Generated Summary of the Ransomware Leak Page

On October 15, 2025, Middlesex Appraisal Associates, a US-based business services firm that provides appraisal and consulting services in Eastern Massachusetts, is identified on a ransomware leak page as a victim of a data-exfiltration incident. The post, attributed to the threat actor group “qilin,” claims that internal information was made publicly accessible, indicating a data-leak scenario rather than encryption-only. The post does not provide a specific compromise date beyond the publication date; the post date serves as the anchor for the event in the absence of a stated compromise date. The leak page includes a body of text and a collection of 16 image attachments intended to illustrate the breach, though the exact contents of those images are not described in the excerpt. There is no ransom amount or demand stated in the available content.

According to the body excerpt, the page frames the breach as tied to a service the company added that allegedly leaks personal information to the public, claiming that internal information was exposed to anyone who wished to access it. The excerpt also contains contact channels associated with the leak, including a Jabber alias (the address is redacted in the published metadata) and an FTP link containing credentials (the credentials are redacted in the published metadata). The leak page features 16 image attachments—likely screenshots of internal documents or data—hosted on an onion service; the exact contents of these images are not described. Overall, the posting underscores the data-exposure aspect of the incident and reflects the ongoing ransomware risk faced by professional services firms handling sensitive client information.