Ransomware Group: QILIN

VICTIM NAME: foiegrasespinet

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Maison Espinet, a company based in France that specializes in traditional foie gras products, including fresh, frozen, semi-cooked, and canned varieties. The attack was discovered on July 24, 2025, and the breach involves the exposure of sensitive business information. The attack date is recorded as July 24, 2025, and the leak appeared several hours later, indicating rapid discovery and response. The compromised data may include internal documents, operational details, or other confidential business information, although explicit contents are not detailed publicly. The site offers access via a dark web portal, with screenshots indicating visible internal information or documents.

The leak is part of a broader campaign by a group known as “Qilin.” Visible information on the leak page suggests that the attackers may have gained access to proprietary data relevant to Maison Espinet’s operations in the agriculture and food production sector. The leak does not specify personally identifiable information but indicates the potential exposure of business-sensitive documents. The page includes a screenshot illustrating the leaked contents, signaling a breach of confidentiality. No additional personal details or PII are revealed, and the attack appears focused on corporate data. The presence of download links or exposed files suggests the potential for further information dissemination if downloaded or accessed by malicious actors.