Russian ransomware group Qilin has claimed to have hacked Japanese retailer Super Value Co., posting samples of stolen financial and HR data on the darknet.
The criminals claim to have obtained the retailer’s internal documents, including:
HR files with employee personal data
Financial reports
Incident and cash loss files
Internal sales and delivery logs
Among the personal information that could have been compromised: full names, addresses, dates of birth, phone numbers, employment type and salary. The company has not yet commented on the claims, and the authenticity of the data is being verified.
If the leak is confirmed, Super Value employees could become victims of:
fraud
identity theft
phishing and social engineering
and the business could be the target of attacks and manipulation.
Qilin is one of the most active ransomware groups of 2024–2025. The group attacked:
SK Telecom
Nissan Creative Box
Synnovis (NHS)
Experts link Qilin to the Russian Federation. 88+ new victims have been recorded since September alone, and 900+ companies in total since 2023. The goal of the attack is not only ransom, but also pressure on key businesses in Japan. The incident highlights:
the growth of attacks on corporate supply chains in Asia
the increased risk of leaks of personal data of employees of large companies
the strengthening of cyber operations related to the Russian Federation
