[QILIN] – Ransomware Victim: BARCO Rent-A-Truck

AI Generated Summary of the Ransomware Leak Page

On October 19, 2025, a leak post published by the ransomware group Qilin names BARCO Rent-A-Truck as a victim. BARCO Rent-A-Truck is described as a United States–based provider of corporate 4×4 pickup truck rentals with a fleet that includes 1/2, 3/4, and 1-ton models, serving a wide range of clients. The post presents the incident as a data-exfiltration event associated with ransomware activity and implies that stolen data could be released publicly or accessed by the attackers. The post notes that the amount of downloaded data is unknown at the time of publication and promises an update later. The leak page features three screenshots/images as evidence of the breach, though the specific contents of these visuals are not described in the text.

The leak page also includes attacker-provided contact channels and data-sharing references. It lists a Jabber contact and a TOX address, but the actual identifiers are redacted on the publicly visible page. An FTP link is included for data exchange, with the password portion redacted; the host address is defanged as 64[.]176[.]162[.]76. The three images cited on the page are hosted on a Tor onion service, and while they are described only as internal documents or slides, their exact contents are not detailed in this summary. In addition, the page’s description mentions an email-style contact and a data-sharing avenue, but both are sanitized for privacy in the public view.

Notes on the post’s framing: given the absence of an explicitly stated compromise date, the post date is treated as the event date (2025-10-19). The material aligns with ransomware data-leak patterns by emphasizing data exfiltration and providing screenshots as evidence, without a disclosed ransom amount in the visible text. The focus remains on BARCO Rent-A-Truck as the victim, with other company names mentioned in the surrounding narrative omitted from this sanitized summary.