- Home
- Z7 Cyber intelligence
- QILIN
QILIN
CLASSIFICATION
CRITICAL THREAT
The ransomware group that killed a patient
In June 2024, a ransomware attack on an NHS pathology provider caused something the cybersecurity industry had long feared but never confirmed: a patient died because of a cyberattack. The group responsible? Qilin. And they’re just getting started.
By October 2025, Qilin had become the most prolific ransomware operation on the planet, surpassing RansomHub’s entire 2024 victim count before the year was even over. They’ve hit pharmaceutical research firms, government agencies, hospitals, and 28 South Korean financial institutions in a single coordinated campaign. When confronted about the patient death, Qilin called the attack a “political protest” and expressed no remorse.
Our latest intelligence report delivers the most comprehensive analysis of Qilin to date, including the first published Z7-TAF threat assessment (9.35/10 CRITICAL) and a Z7-BAF breach case study on pharmaceutical research firm Inotiv, whose 10 years of drug development data is now in criminal hands.
And Why It's Now the World's Most Dangerous Cyber Threat
Inside the full report
- Complete Z7-TAF threat scoring with 8-dimension analysis
- NHS Synnovis case study: the attack that caused a national blood shortage
- Inotiv breach Z7-BAF assessment: 176GB of pharmaceutical research stolen
- Detailed TTPs from Cisco Talos, Trend Micro, and MS-ISAC incident response
- Korean Leaks campaign analysis: 28 firms compromised via single MSP
- Prioritized defensive recommendations by timeframe
Who needs this intelligence
CISOs and security leaders in healthcare, pharmaceuticals, government, and financial services. If your organization handles patient data, drug research, or critical infrastructure, Qilin considers you a target.