Ransomware Group: QILIN

VICTIM NAME: Dominion Lending Centres

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak concerns Dominion Lending Centres, a financial services organization based in Canada. The leak was discovered on April 21, 2025, and the attack date is also recorded as April 21, 2025. The leaked data includes a screenshot of the compromised webpage, which features information about the company’s mortgage services, emphasizing their access to competitive products and rates across Canada. The leak appears to include internal or confidential information, potentially containing sensitive data related to the company’s operations. No explicit mention of PII or specific client information is provided, but the presence of such leaks indicates a possible data breach impacting internal data.

The victim’s website, hosted under the domain www.dlcthemortgagesource.ca, is associated with the financial sector. The leak was posted on a dark web portal accessible via a provided onion link, suggesting that the attackers targeted the company’s online resources. The leak features a screenshot image highlighting internal content, likely illustrating the nature of the breach. No additional download links or data leaks are explicitly referenced in the available information. The group responsible for the attack is identified as “qilin” and the date of discovery confirms the incident’s recent occurrence. Further details about the specific compromised data are not disclosed, but the incident underscores the ongoing threat to financial institutions from cybercriminal activities.