08.10.2025
2 min
519
The hacking group Qilin has announced the hacking of one of the most prestigious clubs in the United States, the California Golf Club of San Francisco (Cal Club). The attackers claim to have stolen more than 10 GB of personal and financial data of club members, including private correspondence and payment documents. On October 8, the Qilin leak site published samples of 23 files that, according to the hackers, came from the club’s servers. They contain names, addresses, phone numbers, dates of birth, membership statuses, as well as information about payment of dues and personal letters.
The documents include membership certificates, letters confirming admission to the club, membership criteria, minutes of board meetings, as well as financial data: initial contributions of up to $160,000, monthly payments of up to $8,500, and even utility bills for more than $100,000.
Additionally, the stolen materials include employee files containing employee data, 401K plans, bonuses, and a copy of an employee’s driver’s license.
Founded in 1918, the California Golf Club of San Francisco is ranked among the top 20 most exclusive golf clubs in the United States by *Forbes*. Membership is by invitation only, with a six-figure entrance fee and annual fees in the tens of thousands of dollars.
According to Cybernews Ransomlooker, Qilin is the most active ransomware group of 2025, having attacked over 580 targets worldwide. Recent victims include Asahi Holdings Brewery, Shamir Medical Center in Israel, Nissan Creative Box in Japan, and Inotiv in the United States.
The hackers use the Ransomware-as-a-Service (RaaS) model and employ a two-pronged blackmail scheme: first demanding a ransom for decrypting the data, and then for a promise not to publish the stolen data.
The Cal Club incident demonstrates that even closed and high-profile organizations are not immune to leaks. The publication of private information about club members can lead to targeted phishing attacks, social engineering, and reputational damage. In turn, Qilin’s activity confirms that cybercriminals are focusing on money-making and prestige objects to maximize profit and public resonance.
