Ransomware victim disclosure
← All victimsQuahe Woo & Palmer LLC
Claimed by Titan · listed 2 months ago
Status timeline
- ListedMay 18, 2026
- Data leakeddate unknown
At a glance
- Group
- Titan
- Status
- Data leaked
- Country
- Singapore
- Sector
- Business Services
- Listed on leak site
- May 18, 2026
About the victim
AI dossier — public-source company profileQuahe Woo & Palmer LLC is a Singapore-based law firm with offices in Singapore and Hong Kong. The firm offers a broad range of legal services including corporate and commercial law, litigation and dispute resolution, banking and finance, immigration, insolvency, intellectual property, and private client matters. The firm has a substantial roster of directors, associate directors, senior associates, and associates across both jurisdictions.
- Industry
- Legal Services (Law Firm)
- Address
- Singapore; Hong Kong (dual office presence)
- Employees
- 51-200
Attack summary
Severity: high — A law firm holds highly sensitive attorney-client privileged data, including personal and financial information of clients across multiple practice areas (banking, corporate, criminal, family, immigration). Data publication by the threat actor at a firm of this nature constitutes significant exposure of confidential and potentially regulated data, warranting a high severity rating even absent granular proof details.The Titan ransomware group claims to have compromised Quahe Woo & Palmer LLC and has disclosed the data (status: data_published). No specific details on encryption or exfiltration methods, data volume, or ransom amount are stated in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Client legal files
- Attorney-client communications
- Corporate transaction documents
- Employee records
- Financial records
Original description
AI-summarised, not from the leak postN/A
Sources
- Victim sitewww.qwp.sg
- Leak posthttps://titanblog.org/post/quahe-woo-palmer-llc-rtosr5edr7
Source
Indexed 2 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

