[QILIN] – Ransomware Victim: Scales Sales & Service

AI Generated Summary of the Ransomware Leak Page

On October 19, 2025, a leak post attributed to the group qilin publicly discloses an incident involving Scales Sales & Service, a United States–based business services firm that specializes in scale equipment and related services. The victim is described as a long-standing company founded in 2004 in Omaha, Nebraska, with a multi-site footprint that includes locations in Colorado, Nebraska, and Iowa. The post frames the event as a data-leak rather than a full encryption of systems, noting that the amount of data exfiltrated remains unknown and that no ransom demand is stated in the excerpt. The attackers claim to have exfiltrated data from Scales Sales & Service and imply that stolen materials may be released publicly or made available for download, which aligns with established patterns seen in ransomware extortion campaigns. The leak page includes three images or screenshots, though their specific content is not described in the excerpt.

Supplementing the narrative, the leak post presents metadata and contact indicators typical of ransomware leak sites. PII in the public text is redacted, with references to a Jabber contact shown as redacted and a TOX identifier present; an FTP credential line is visible but the sensitive information has been redacted. The page records three images as evidence, though the exact contents of those images are not detailed here. The dataset notes that downloads are not directly provided on the page (downloads_present: false), while the accompanying text states that the amount of downloaded data is unknown, consistent with the dual-extortion model where data exfiltration is claimed but public release timing remains unclear. The post is dated October 19, 2025, which is the post date; no separate compromise date is provided. The summary preserves Scales Sales & Service as the named victim, with other company names mentioned in the source text not referenced in this summary.