The Qilin ransomware group has listed its 17th victim from the ANZ region for 2026, the New Zealand firm Alpha Group Holdings.
Qilin listed the company in a 24 May leak post, but has not shared any details of the incident.
The affiliate responsible for the hack – Qilin is a ransomware-as-a-service group – has not shared any evidence, such as screenshots or documents, nor listed the volume of data allegedly stolen.
Despite the lack of further information, however, the leak post has been viewed 3,924 times, according to a ticker on the page.
Cyber Daily reached out to the Alpha Group for comment on the hackers’ claims, but has yet to receive a response.
Who is Qilin?
Since it first emerged in 2022, Qilin has claimed 1,863 victims, making it the most active ransomware actor, by volume of recent attacks, in action today.
The group operates under a ransomware-as-a-service model, with its inner circle taking a cut of any ransoms paid to its affiliates.
In an interview with Telegram channel CyberSecurityIL, a spokesperson for the group outlined its operations and targeting, suggesting a possible political motivation for its hacking activity at the time.
“All hacking targets we choose are related to the governments of the countries in which they are located. We do this intentionally to draw politicians’ attention to specific problems. There are no red lines for us,” the Qilin spokesperson said.
“If we know that the leadership of a particular commercial structure is related to the government of any country and can influence decision making that contradicts international agreements, we begin to attack this structure. Our purpose is to force the governments of countries to fulfil their obligations and keep the promises they made to their people.”
However, as Cyber Daily has observed on multiple occasions, the group’s tactics – and its threats to publish victim data – have seemed inconsistent over recent months. While some victims have had their data published, others, dating as far back as March and earlier this year, appear to have been forgotten, with no data published but with their leak posts still visible.
Alpha Group Holdings was listed alongside six other victims, one of which was the Australian firm Branded Products.
Who is the Alpha Group?
According to its website, the Alpha Group “specialises in harnessing the power of fungi and natural herbs to create functional health products”.
The company sells a range of health products in collaboration with Massey University’s Natural Nutraceutical Research Centre and the Riddet Institute.
In June 2025, the group announced construction had started on a “60,000-square-metre biotech manufacturing facility” in Ningde, China. The facility is expected to generate more than NZ$225 million in annual revenue.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.