Ransomware Group: QILIN

VICTIM NAME: Tappoo Group of Companies

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to the Tappoo Group of Companies, a retail and wholesale business operating in Fiji. The breach was identified on June 26, 2025, and the attackers are affiliated with the threat group “qilin.” The leak appears to involve sensitive information linked to the company’s operations, with the leak page including a screenshot of internal documents. The website listed for the company is www.tappoo.com.fj, which serves as a primary retail outlet for high-quality products across various key locations in Fiji. The post does not disclose specific details of the data compromised but indicates a serious breach impacting the organization’s data security.

The leak offers a link to a dark web claim URL, suggesting that the attackers potentially seek ransom or to claim control over some of the organization’s data. Additionally, the leak page shows that there is at least one downloadable data set or file, although its contents are not explicitly detailed in the available information. The screenshot included in the leak indicates the presence of internal documents or communication snippets, which could contain confidential operational or customer-related information. The company’s activity involves retail services in Fiji, specifically in retail and wholesale distribution, though no specific attack details or victim’s internal data contents are provided in this summary.