[QILIN] – Ransomware Victim: Indian Spring Country Club

AI Generated Summary of the Ransomware Leak Page

On October 19, 2025, a ransomware leak page attributed to the group Qilin lists Indian Spring Country Club as a victim. The club, described as a private, gated facility located in Boynton Beach, Florida, operates in the Hospitality and Tourism sector, offering championship golf, tennis, fitness, and casual and formal dining to its members and guests. The post presents the incident as a data-leak event and claims that data has been exfiltrated, rather than detailing a complete encryption of systems. The post date is the publication date (October 19, 2025); there is no separate compromise date provided. The page notes that the amount of downloaded data is unknown at the moment and will be added later, and there is no disclosed ransom amount on the page. The leak page includes three images intended to illustrate the claim, though their contents are not described. The post is written in English and is placed in the United States.

The leak page references attacker contact channels and exfiltration-related notes. A jabber contact is listed but redacted in the posted data, and a TOX identifier is included. An FTP-style reference appears in the excerpt, suggesting access to an exfiltrated data repository; however, sensitive credentials shown in the snippet are not disclosed here. The input data notes three image attachments and indicates that downloads are not currently listed, while the body text states that the amount of downloaded data remains unknown and will be updated later. The combination of data-exfiltration claims, attacker contact channels, and multiple image attachments aligns with common ransomware leak-page patterns observed in the hospitality sector, underscoring ongoing risk to private clubs and similar organizations. No specific ransom figure is publicly disclosed on the page.