Ransomware victim disclosure
← All victimsThoma Bravo, LLC (THL)
listed as THL · Claimed by Qilin · listed 15 hours ago
Status timeline
- ListedJul 14, 2026
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileTHL is a large private equity firm managing approximately $50 billion in equity capital across ten flagship funds. The firm invests in companies across three primary verticals: Financial Technology & Services, Healthcare, and Technology & Business Solutions, with additional focus on automation-driven digital transformation. THL has partnered with over 180 companies globally and facilitated more than 700 add-on acquisitions.
- Industry
- Private Equity & Investment Management
Attack summary
Severity: medium — Data has been published by the ransomware group and the victim is a major financial services entity with access to sensitive portfolio and investment data. However, without details on the specific data exfiltrated or operational impact, and given the absence of detailed proof in the available post, severity is assessed as medium rather than high or critical.The Qilin group claims to have conducted an attack against THL, with data published. However, no specific details on the nature of the attack (encryption, exfiltration, or both) or the data allegedly compromised are provided in the available leak post excerpt.
What the group claims
N/A
Sources
Source
Indexed 15 hours agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

