Ransomware Group: QILIN

VICTIM NAME: caldine

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a company identified as Fratellanza Popolare Caldine, operating within the training industry. The company is based in Fiesole, Tuscany, Italy, and employs between 50 to 99 staff members with an annual revenue estimated between 10 million to 25 million euros. The leak was discovered on June 23, 2025, and the attack date is reported as June 19, 2025. The incident involves the release of potentially sensitive information associated with this organization, which appears to be targeted by a ransomware group known as Qilin. The page includes a screenshot of internal documents, giving a visual indication of compromised data. Although specific details about the compromised data are not disclosed, the presence of download links or data leaks is implied through the leak portal. The content is presented in a neutral, professional manner, emphasizing the breach’s impact on this Italian company involved in training services, without exposing any personally identifiable or sensitive information publicly.

The leak page features a URL linked to a dark web site, offering access to the compromised data related to the company. The screenshot included shows internal documents or data, possibly indicating the nature of the leaks, but no explicit descriptions are provided. The attack falls under the cybercriminal group ‘Qilin,’ which is known for targeting organizations with extortion and data breaches. The incident highlights the importance of cybersecurity measures for businesses in the training sector, especially those operating in regions like Tuscany, Italy. No specific customer or employee PII is evident from the leaked information, ensuring compliance with privacy standards while still informing stakeholders of the breach’s occurrence. Overall, this reflects a significant cybersecurity event targeting a mid-sized Italian enterprise, emphasizing vigilance and response readiness.