[QILIN] – Ransomware Victim: OMS

AI Generated Summary of the Ransomware Leak Page

On 2025-11-10 17:37:19.365510, the ransomware leak post identifies the victim as OMS and attributes the intrusion to the threat actor group qilin. The listing reads as a data-leak notice, consistent with double-extortion campaigns that emphasize exfiltration of data rather than only encryption. A claim URL is indicated on the page, suggesting a channel for ransom or data-release negotiation, though the available data does not specify a ransom amount. The page contains three embedded images (likely screenshots or internal documents) presented on a Tor onion service; their exact contents are not described in the supplied data. The victim’s industry is not disclosed in the leak metadata.

The body excerpt includes a line referencing “TOX” followed by a long hex string, which appears to be an internal reference or hash associated with the leak. There are three images noted on the page and no additional downloadable files listed in the provided data; there is no explicit compromise date beyond the post date, which should be treated as the publication date. Personal or other identifying information is redacted where present, with OMS remaining the focal victim in this summary. The post aligns with standard ransomware-leak patterns, featuring actor attribution, a data-leak claim, and evidence in the form of images, plus a claim URL, without a stated ransom figure in the accessible text.