Ransomware Group: QILIN

VICTIM NAME: QUINTADAMARINHA[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The compromised entity is identified as the website for the Onyria Quinta da Marinha Hotel, located in Cascais-Sintra, Portugal. This hotel is situated in a scenic area between urban amenities and natural landscapes, near both beaches and mountains, approximately 25 km from Lisbon. The attack was publicly disclosed on July 2, 2025, indicating a recent breach of their online infrastructure. The leak appears to involve sensitive or internal data, as evidenced by the screenshot linked on the page, which shows internal documents or system screens. The threat actors, associated with the group known as “qilin,” have released the data as part of their extortion or leak campaign, with a claim URL accessible via a dark web link. The leak’s details and the extent of data compromised remain unspecified, but the incident highlights a significant security breach for the hotel’s online systems.

The leaked information may include confidential business data or internal communications, given the nature of the screenshot and the context of ransomware breaches. No personally identifiable information or customer data was directly mentioned in the available data, but the release of internal visuals suggests potential exposure of sensitive operational details. The attack underscores the importance of cybersecurity enhancements for hospitality and tourism sectors, especially those managing high-profile or premium establishments. While the full impact of the breach isn’t detailed, the incident serves as a reminder of the ongoing threat posed by ransomware groups targeting diverse industries worldwide. The organization and security measures should be reviewed to mitigate further risks or data exposures.