Ransomware Group: QILIN

VICTIM NAME: upstartpower[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware threat targeting Upstart Power, a US-based technology company specializing in advanced fuel cell generators, has resulted in a data leak accessible via a dark web link. The attack was discovered on June 12, 2025, and the firm is confirmed to be located in the United States. The cybercriminal group responsible for this incident is identified as “qilin.” The threat actors have announced that all compromised data will be made available for download on June 23, 2025. The leak includes sensitive corporate information, potentially affecting the company’s operations and reputation. Visual evidence from a screenshot indicates the leak page’s existence, but no explicit sensitive details are disclosed here. The attack appears to involve data exfiltration, with the potential for public data dissemination if ransom demands are not met.

The company specializes in designing solid oxide fuel cell (SOFC) generators, and the leak could expose confidential product information, corporate strategies, or internal communications. The leak page emphasizes the threat of data release and serves as a warning to stakeholders. No specific PII or customer data is publicly visible or included in this summary. The attack underscores the importance of cybersecurity hygiene for technology firms managing sensitive industrial data. The leak was publicly announced on a dedicated dark web site, highlighting the continuing threat landscape faced by the industry. The incident has been publicly documented with available visual evidence, but full details remain confidential until the scheduled data release.