[QILIN] – Ransomware Victim: Omrin

AI Generated Summary of the Ransomware Leak Page

Omrin, a Netherlands-based waste management company, is named as the victim in a leak post attributed to the attacker group qilin. The post frames the incident as a data exfiltration event connected to a ransomware intrusion and presents Omrin’s scale by noting that the organization serves more than 1.6 million residents and 10,000 businesses with waste collection, recycling initiatives, and sustainable energy programs. The leak page includes three screenshots of internal documents or related visuals, described only in general terms rather than their specific contents. A claim URL is listed on the page, indicating a channel to verify claims or engage in negotiation, though no ransom amount is disclosed in the provided data. The text also references an FTP link with credentials, but these sensitive details are redacted in this summary. The overall posting aligns with common ransomware leak site patterns that threaten to publish stolen data.

Date and status reference: The post is dated October 25, 2025. No explicit compromise date is provided in the extracted data, so the post date is treated as the reference date for when the leak appeared. The leak page does not appear to offer direct data downloads (downloads_present is false). The page notes three images (images_count = 3), consistent with screenshots or internal visuals. A hashed value labeled TOX and an FTP path are included in the body excerpt, with the credentials and sensitive details redacted in this summary. While the page references an external data path and a claim URL, no ransom figure is stated in the data. The incident is framed as a breach affecting a Netherlands-based waste management organization, underscoring ransomware risks to critical municipal services.