[QILIN] – Ransomware Victim: Executive Cabinetry

AI Generated Summary of the Ransomware Leak Page

Executive Cabinetry, located in Simpsonville, South Carolina, is described on the leak page as an industry leader in semi-custom and custom cabinetry. The page notes a 226,000-square-foot vertically integrated facility and states that all products are American-made and handcrafted locally. The post frames the incident as a data-leak rather than a full encryption of systems, and the amount of data allegedly exfiltrated is not disclosed at the time of posting. The date shown on the leak page is 2025-10-14, which is treated as the post date since no explicit compromise date is provided. The page includes three image attachments that appear to be internal documents or screenshots, hosted on an onion service to support the claim, with content not described in detail. It also lists redacted contact details (a Jabber address and a TOX fingerprint) and shows an FTP data-share link with credentials redacted. There is currently no downloadable data presented on the page.

The page’s body excerpt centers on Executive Cabinetry’s operations and the claim of data exfiltration, but no ransom demand or encryption of systems is explicitly shown in the excerpt. The post’s metadata confirms three attached images and notes that the amount of downloaded data remains unknown, with no publicly accessible downloads at this time. The three image attachments are described only as internal-document visuals, and the presence of redacted contact methods alongside an onion-hosted asset underscores a typical ransomware-leak presentation intent on public exposure. Taken together, the leak page signals a data-leak scenario affecting a US-based manufacturing firm, without a disclosed data size or ransom figure as of the post date.