[QILIN] – Ransomware Victim: Henrietta Ezeoke Law Firm

AI Generated Summary of the Ransomware Leak Page

On 2025-10-27 17:10:59.682365, the ransomware leak post attributed to the threat actor group qilin identified Henrietta Ezeoke Law Firm as a victim. The Nigeria-based firm operates in the Business Services sector. The post frames the incident as a data exfiltration event associated with ransomware, stating that sensitive data has been stolen from the victim’s network and may be released or published. A claim URL is present on the leak page, though no ransom amount is disclosed in the excerpt provided here. The focus remains on Henrietta Ezeoke Law Firm, rather than other organizations mentioned elsewhere in the surrounding text.

Visual evidence on the leak page consists of three image assets that appear to be screenshots of internal documents or related materials. The images are hosted on a defanged onion domain referenced by the attackers. The presence of these images supports the claim of data exfiltration, though the contents of the screenshots are not described in detail in the available excerpt. In addition to the images, the body excerpt reveals UI scaffolding and scripts typical of a leak site — including login/registration forms and CAPTCHA logic — suggesting the page reproduces or integrates with typical site functionality for public viewing.

The post is attributed to the group “qilin” and concerns a Nigeria-based law firm in the Business Services sector. The available data provides a post date with no separate compromise date indicated. A claim URL is present on the page, but the excerpt does not include any disclosed ransom amount. Personal identifying information appears to be redacted in the source data, with any PII such as emails or addresses removed or obfuscated. Overall, the leak page presents a data-leak claim rather than a straightforward encryption detail, with visual evidence meant to illustrate the attackers’ claims while preserving safety for readers.