[QILIN] – Ransomware Victim: Signet Armorlite, Inc[.]

AI Generated Summary of the Ransomware Leak Page

On October 22, 2025, Signet Armorlite, Inc., a US-based manufacturer that designs and produces glass ophthalmic lenses and molds, is listed on a ransomware leak site as a victim. The post identifies Signet Armorlite as the affected organization and frames the incident as a data-leak event associated with ransomware. The leak page provides a brief company profile, noting the firm’s founding in 1947 and its role in distributing ophthalmic lenses and adhesive optical supplies. A claim URL is indicated on the page, suggesting the attackers want readers to verify or access the data. The excerpt does not specify an encryption status or a ransom demand; instead, it emphasizes data exfiltration and the potential public release of stolen materials, which aligns with contemporary ransomware leak activities.

The leak page includes three images, described in neutral terms as screenshots of internal documents or data visuals, though their exact contents are not disclosed. These images are hosted on a Tor onion service, with no direct web URLs provided in the public excerpt. The post also references a TOX identifier and an FTP credential, though sensitive items are redacted where appropriate. The post is dated October 22, 2025, which is the post date, and it notes that the amount of data downloaded remains unknown at the moment. A claim URL is present on the page, reinforcing that this is a data-leak claim rather than a completed encryption event.