Ransomware Group: QILIN

VICTIM NAME: capmark[.]org

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak involves the website of a municipal advisory organization that provides financial planning and structuring services for public entities. The compromised site is identified as capmark.org, which specializes in advising on bonds, notes, and lease debt to meet capital and cash flow requirements. The breach was discovered on July 1, 2025, and appears to be associated with a hacking group known as “qilin.” The leaked data likely includes sensitive information related to the organization’s operations, but specific details have not been publicly revealed. Visual evidence, such as a screenshot, indicates that internal information or documents may have been accessed or exposed. This leak underscores the potential risks faced by financial institutions and public sector entities when targeted by cybercriminals. The group responsible may be seeking to publicly expose or sell confidential data, which could impact the organization’s reputation and operational security.

No personally identifiable information or sensitive individual details are included in the leak. The attack appears to be focused on organizational data rather than PII. The leak’s timestamp suggests recent activity, and the incident is part of a broader trend of digital security breaches affecting public finance advisory services. The screenshot provided by the attackers offers a glimpse of the potential scope of the data involved, which may contain internal communications, planning documents, or other proprietary information. As the breach impacts a financial advisory service, the primary concern is the confidentiality of client information and strategic planning documents. Efforts to assess and mitigate the impact of this breach should focus on internal security measures and further investigation into the exposed data.