[QILIN] – Ransomware Victim: Canapés Mobilier Décoration

AI Generated Summary of the Ransomware Leak Page

On October 14, 2025, a ransomware leak post attributes Canapés Mobilier Décoration as a victim in an incident associated with the group qilin. The post frames the event as a data breach in which internal materials were exfiltrated and may be released publicly, aligning with common ransomware double-extortion themes. A claim URL is present on the leak page, indicating there is additional information or negotiations available through a linked page. The page includes three image attachments, described only in general terms as screenshots of internal materials to substantiate the breach. The date provided in the data is the key_date, and since there is no separate compromise date listed, this is treated as the post date. The victim’s name is preserved in full, while other company names mentioned in the text are not the focus of this summary. The country field indicates France, though the industry for the victim isn’t explicitly specified in the data.

In the post’s body excerpt, there are redacted contact details (an email-style contact labeled as Jabber) and a redacted FTP reference to a datashare host, suggesting typical attacker outreach and data transfer indicators without exposing actual contact data in this summary. A string labeled TOX appears in the excerpt, likely a hash or code used by the actors. The description field contains English-language marketing content about sofas and armchairs (L.LOFT-style product descriptions), which appears unrelated to the incident and may be incidental content included on the leak page. No explicit ransom amount is disclosed in the excerpt, and there is no visible encryption status beyond the claim of data exfiltration and potential public release. The page shows three image attachments and includes a claim URL, reinforcing the indication of a data-leak scenario rather than a simple encryption event.