Ransomware victim disclosure
← All victimsMusée du Bas-Saint-Laurent
Claimed by Qilin · listed 2 months ago
Status timeline
- ListedMay 17, 2026
- Data leakeddate unknown
At a glance
- Group
- Qilin
- Status
- Data leaked
- Country
- Canada
- Sector
- Hospitality and Tourism
- Listed on leak site
- May 17, 2026
About the victim
AI dossier — public-source company profileMusée du Bas-Saint-Laurent is a regional art and heritage museum located in Rivière-du-Loup, Québec, Canada. It hosts permanent and temporary exhibitions, educational programs, artistic camps, and community events, and is open Tuesday through Sunday. The museum also offers room rentals for congresses and events and maintains a boutique.
- Industry
- Arts, Culture & Museums
- Address
- 300, rue Saint-Pierre, Rivière-du-Loup, (Québec) G5R 3V3, Canada
Attack summary
Severity: medium — Data has been published by the group, indicating confirmed exfiltration, but no details on data type, scale, or sensitivity are available; the victim is a small regional museum unlikely to hold large volumes of regulated data.The Qilin ransomware group claims to have attacked Musée du Bas-Saint-Laurent and has disclosed data (status: data_published). No specific details about encryption, exfiltration volume, or data categories are provided in the leak post.
What the group claims
N/A
The leak post
captured from the group's site[Australian College of Business Intelligence](http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/blog?uuid=5ecb65aa-3960-4b61-ab37-802b4eb3d3d5) [Cooperativa de Hospitales de Antioquia - COHAN](http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/blog?uuid=bd0eebf4-e436-4f46-b7d8-0c21f8fff528) [John G Yphantides A Professional Law](http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/blog?uuid=1e464ce5-6e74-4e62-be0b-eac503e43af8) Law Firms & Legal Services Law Firms & Legal Services
Sources
Source
Indexed 2 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

