Ransomware Group: QILIN

VICTIM NAME: cpshawaii[.]net

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to ControlPoint Surveying, Inc., a company specializing in topographic, hydrographic, and cadastral surveying primarily serving Hawaii and the Pacific Rim. The breach was discovered on May 29, 2025, with the leak actively ongoing since then. It was announced that all of the company’s data would be made available for download on June 12, 2025. The leak page includes a screenshot of an internal website, indicating the nature of the compromise. The attackers are identified as part of the group “qilin.” No personal or sensitive employee information is explicitly mentioned, and the leak value appears to focus on company and project data rather than PII.

Details from the leak suggest the attackers are threatening to release the entire database, including project files and company information, unless demands are met. The claim URL provided links to an onion site containing the leaked data, highlighting the ongoing threat and active data exploitation. The information shared on the page indicates the attack was detected early, though the full extent of the breach and its impact on operations remains unclear. As the leak involves publicly available project descriptions and confidential data, it poses risks to the company’s reputation and operational security. The leak page features a relevant screenshot illustrating the internal data exposure, emphasizing the seriousness of this cybersecurity incident.