Active since 2022 · ~1000+ victims in 2025 · double extortion · suspected Russia-linked
Victim organization
Musashino University
A university in Tokyo, Japan, listed on the Qilin (WikiLeaks2) ransomware leak site, where the actor has posted sample documents and claims to hold data stolen from the institution. Authenticity, volume, and scope are unverified.
Japan
Appearance on the Qilin leak site with sample documents posted indicates the actor has exfiltrated data and is exposing samples to pressure the institution under a double-extortion model. As a university, Musashino holds large volumes of personal data on students, applicants, and staff, along with financial and administrative records, and any authentic exposure would carry risks of identity theft, fraud, and lasting privacy harm. Qilin is among the most active ransomware operations and has repeatedly targeted education and healthcare. The posted samples appear to include financial and administrative documents, though their authenticity and full scope remain unverified. No data, samples, or actor contact channels are reproduced here. Musashino University has not publicly addressed the claim as of this post.
Dark Web InformerThreat Intelligence
