Qilin Ransomware Gang Claims Breach at US Regents Capital Corporation

• Regents Capital Corporation was reportedly the target of a cyberattack that exposed sensitive corporate data.
• Qilin Ransomware claims to have stolen 99 GB of company data that it threatens to publish.
• Uploaded sample files seem to present corporate bank statements and share repurchase agreements.

U.S.-based Regents Capital Corporation has reportedly become the latest victim of the Qilin ransomware group, according to claims published by the threat actor. Qilin announced responsibility for the breach, alleging the exfiltration of 99 GB of sensitive corporate data. 

The group has set a deadline of June 17, 2025, on its dark web leak site and threatened to publicly release the data should their demands not be met. Qilin, known for targeting financial and critical infrastructure organizations, provided evidence in the form of several uploaded sample files.

Among these, the group claims to possess internal documents including a corporate bank statement, a share repurchase agreement, and a solar power plant purchase and installation agreement. 

These samples indicate the incident may involve the exposure of proprietary contracts, financial records, and documents relating to ongoing or completed transactions.

At the time of reporting, Regents Capital Corporation has not issued a public statement confirming the breach or providing details on the extent of the compromise or data loss. 

The exposure of documents such as bank statements or strategic agreements could have regulatory, reputational, and competitive implications for Regents Capital and its stakeholders. 

Qilin was the leading ransomware group in April following RansomHub’s alleged fall, but the gang was dethroned by SafePay in May 2025.