Ransomware Group: QILIN

VICTIM NAME: atlantissubmarines

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Atlantis Submarines, a prominent company specializing in passenger-carrying submarine technology. Established in 1985, this company is recognized for developing the world’s first tourist submarine and has safely conducted over 580,000 dives with more than 18 million passengers. The breach was discovered on July 2, 2025, and the leak is attributed to a hacking group known as “qilin.” The incident involves potential data exposure related to the company’s operations in the hospitality and tourism sector in the country identified by the code “BB.” The page includes a screenshot depicting internal documents or data that hint at the extent of the breach. Although no specific compromised data or PII is explicitly detailed, the leak information suggests that sensitive operational or customer data may be involved. Download links or evidence of data being published are not explicitly indicated in the available data.

The leak site features a visual screenshot indicating the breaching of internal systems, which could contain operational details or confidential information about the company’s submarine services. No explicit mention of personally identifiable information (PII) or sensitive customer data is provided, implying that the breach may involve proprietary or internal records. The company’s activity, characterized by innovative tourism activities, makes this breach potentially significant for customer confidentiality and operational security. The incident’s public exposure illustrates ongoing cybersecurity risks facing the tourism and hospitality industry, emphasizing the importance of robust security measures to prevent unauthorized access to sensitive enterprise data.