[QILIN] – Ransomware Victim: Truro Cannabis

AI Generated Summary of the Ransomware Leak Page

Truro Cannabis, a Canada-based company operating in the Agriculture and Food Production sector, is named as the victim in a ransomware leak post attributed to the Qilin group. The post is dated October 29, 2025 (post date) and presents a data-breach narrative typical of ransomware operators, asserting that the attackers gained access to Truro Cannabis’ network and exfiltrated data. A claim URL is provided on the page for contact or negotiation, and the body excerpt includes a token labeled TOX: 7C35408411AEEBD53CDBCEBAB167D7B22F1E66614E89DFCB62EE835416F60E1BCD6995152B68, which appears to function as an identifier or verifier for the stolen material. The page concentrates on the victim’s sector and country, with no other company names prominently cited within the text aside from Truro Cannabis.

The leak page features a gallery of 21 images described as screenshots, intended to illustrate internal documents or material claimed to have been compromised; the exact contents of these images are not described in the available metadata. There is no downloadable data offered on the page (downloads_present is false), and no explicit ransom amount is disclosed in the provided data. The presence of a claim URL suggests the attackers are offering a channel for negotiation or further instructions. Taken together, the post reflects ransomware actors’ use of leaked material to pressure a victim in the Canadian cannabis/retail and broader agri-food sector, underscoring ongoing risk to similar organizations in this industry.