[QILIN] – Ransomware Victim: Klima-Therm

AI Generated Summary of the Ransomware Leak Page

Klima-Therm, a Poland-based manufacturer of climate-control solutions, is identified as a ransomware leak victim on a publicly listed leak page. The post is dated 2025-10-19; because no explicit compromise date is provided in the data, this date is treated as the post date. The page frames the incident as a data-leak event resulting from unauthorised access, indicating that sensitive information has been exfiltrated and could be released publicly or offered for sale. The post does not disclose a ransom amount; it notes that the total amount of downloaded data is unknown at present and will be updated later. The leak page features three images that appear to be screenshots of internal documents, used to illustrate the data-leak claim, and it provides a claim URL for further information (the actual URL is not shown here). The content is in English and describes Klima-Therm’s manufacturing footprint and its ongoing growth, including expansion into renewable-energy-related segments.

The leak page includes three images that appear to be internal-document screenshots, offering visual support for the claimed data exfiltration. It also contains references to a contact pathway and file-sharing endpoint, though any personal contact details and credentials have been redacted to protect privacy. There are no direct downloads available from the leak page, and no ransom figure is stated. Since no compromise date is listed in the input, the published date (2025-10-19) is treated as the post date for this summary. A claim URL is visible on the page, indicating the attackers intend to provide additional information or updates about Klima-Therm’s data, which aligns with common ransomware data-leak practices.