Ransomware Group: QILIN

VICTIM NAME: VANTAGE

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware attack targeted a Canadian legal firm, VANTAGE, exposing over 2 terabytes of sensitive data, primarily involving client information. The breach indicates a serious compromise of confidential records, highlighting a significant breach of privacy and trust. The threat actors have set a precise deadline of 150 hours for the victim to initiate contact, emphasizing the urgency of the situation. The leak page includes a screenshot visualizing some of the compromised data, which underscores the severity of the data exfiltration. No specific attack date was provided, but the data was publicly disclosed on June 3, 2025.

The compromised information appears to contain various confidential documents and files related to clients and casework. The incident has garnered attention through a dark web claim URL, indicating the breach’s authenticity. The threat group responsible for the attack is identified as ‘qilin.’ As of the available data, no additional details about the attack vector or attacker’s identity are disclosed. The leak serves as a stark reminder of the cybersecurity risks faced by legal practices and similar organizations handling private data. The visual evidence, including a screenshot, reflects the scale and seriousness of the data breach.