Ransomware Group: QILIN

VICTIM NAME: Asefa Insuarance

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The compromised entity is identified as Asefa Insurance, a company specializing in insurance services within the financial sector. The cybersecurity incident was discovered on June 11, 2025, and it is believed that the attack took place on June 9, 2025. The leak is associated with the threat group known as ‘qilin.’ The breach involves data exfiltration, and a screenshot of the leaked information suggests that sensitive internal documents or communications may have been accessed. No specific infostealer tools were identified in the attack. The API confirms the leak includes data that might be valuable to adversaries, but sensitive or PII information has been redacted to maintain confidentiality and privacy standards.

The leak page features a link to a dark web site where the stolen data can presumably be viewed or downloaded. While explicit details of the breach are not provided, the presence of a dedicated leak page indicates a significant security incident affecting Asefa Insurance. The company’s activity in the insurance sector, notably in the financial services industry within Ethiopia, underscores the potential impact of this breach on client data and organizational operations. The leak includes screenshots that are likely of internal documents, possibly revealing confidential information. Overall, the incident highlights the growing threat landscape targeting organizations in the financial sector, emphasizing the need for robust cybersecurity measures to prevent such attacks and protect sensitive data.