Qilin Ransomware Group Targets Melbourne-Based Branded Products in Latest Attack
The Qilin ransomware-as-a-service (RaaS) operation has listed Branded Products, a Melbourne-based branded merchandise supplier, as its latest victim. The hackers added the company to their leak site on 24 May, though details remain scarce only a link to Branded Products’ ZoomInfo profile was provided. Neither Qilin nor the affiliate behind the attack has disclosed the volume of stolen data, its contents, or any ransom demands.
Branded Products is one of seven companies named by Qilin on the same day. The company, which serves high-profile clients including the NSW government, Department of Foreign Affairs and Trade, Melbourne Avalon Airport, and Specsavers has not responded to requests for comment. Headquartered in Cranbourne West, Melbourne, the firm operates across Australia and New Zealand, with procurement teams in China, supplying products like drinkware, IT gear, and sports apparel.
Qilin has emerged as a dominant ransomware threat in 2026, claiming 1,862 victims since 2022 and currently leading in attack volume. The group operates under a RaaS model, taking a cut of ransom payments from affiliates. However, its tactics have been inconsistent some victims, like Australian IT firm Bluize (breached this month), saw their data published, while others from earlier in the year remain in limbo with no leaked files but visible leak posts. This suggests varying extortion strategies or technical capabilities among affiliates.
With 12 Australian victims in the first half of 2026 alone, Qilin’s targeting of Branded Products underscores the persistent risk to supply chain and corporate entities in the region.
Branded Products® Global cybersecurity rating report: https://www.rankiteo.com/company/branded-products-australia
"id": "BRA1779762229",
"linkid": "branded-products-australia",
"type": "Ransomware",
"date": "5/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'NSW government, Department of '
'Foreign Affairs and Trade, '
'Melbourne Avalon Airport, '
'Specsavers',
'industry': 'Branded Merchandise Supplier',
'location': 'Cranbourne West, Melbourne, Australia',
'name': 'Branded Products',
'type': 'Company'}],
'data_breach': {'data_exfiltration': True},
'date_detected': '2026-05-24',
'date_publicly_disclosed': '2026-05-24',
'description': 'The Qilin ransomware-as-a-service (RaaS) operation has listed '
'Branded Products, a Melbourne-based branded merchandise '
'supplier, as its latest victim. The hackers added the company '
'to their leak site on 24 May, though details remain scarce. '
'Neither Qilin nor the affiliate behind the attack has '
'disclosed the volume of stolen data, its contents, or any '
'ransom demands.',
'impact': {'brand_reputation_impact': True, 'data_compromised': True},
'investigation_status': 'Ongoing',
'motivation': 'Financial gain (Ransom)',
'ransomware': {'data_exfiltration': True, 'ransomware_strain': 'Qilin'},
'references': [{'date_accessed': '2026-05-24', 'source': 'Qilin leak site'}],
'threat_actor': 'Qilin Ransomware Group',
'title': 'Qilin Ransomware Group Targets Melbourne-Based Branded Products',
'type': 'Ransomware'}