Ransomware Group: QILIN

VICTIM NAME: palawancoop hospital

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak pertains to the Palawan Co-op Hospital, a healthcare facility located in the Philippines. The incident was publicly disclosed on June 10, 2025, and the attackers announced that all data related to the hospital would be made available for download on June 22, 2025. The breach likely involves sensitive patient and operational information, given the hospital’s healthcare activity, although specific details have not been disclosed within the leak summary. Evidence indicates that the ransomware group “qilin” is responsible for this attack. The publicly available screenshot shows an image of the hospital’s branding or related internal content, possibly including internal documents. The incident underscores the ongoing cybersecurity risks faced by healthcare institutions and highlights the importance of robust data protection measures.

The leaked data appears to include critical information from the Palawan Medical Mission Group Multipurpose Cooperative. As part of the leak, the attackers have announced their intent to release all the affected data for download, which could include patient records, internal communications, and operational data. The attack was discovered on June 10, 2025, and further details suggest the breach may impact the hospital’s operations and data security posture. No personally identifiable information or specific data points are included in the summary, but the leak emphasizes the threat landscape targeting healthcare providers and the potential for significant data exposure. The group behind the attack is identified as “qilin,” a known threat actor in the ransomware ecosystem.