Ransomware: qilin claims Foot Solutions (US) — Consumer Services

On 15 May 2026, the ransomware group Qilin published a claim of responsibility for a data breach targeting Foot Solutions, a US-based consumer services company. The claim was posted on the ransomware.live leak site, which is commonly used by threat actors to pressure victims into paying ransoms. This incident falls under the BREACH framework, indicating a confirmed data exfiltration event. While the full scope of compromised data is not yet disclosed, such breaches typically involve personally identifiable information and financial data.

This event primarily affects Foot Solutions and its customers, but it also signals a broader risk for consumer services firms, particularly those in retail, healthcare, and footwear sectors that handle sensitive customer data. EU-based companies with US operations or data flows should be alert, as cross-border data incidents may trigger notification obligations under GDPR if EU residents are impacted. The Qilin group is known for targeting mid-sized organizations with weak cybersecurity postures.

Compliance teams should immediately verify whether any of their organization’s data is involved, assess contractual and regulatory notification timelines, and review incident response plans. For EU firms, this includes evaluating whether a personal data breach has occurred under Article 33 of the GDPR and notifying the relevant supervisory authority within 72 hours if so. Teams should also reinforce ransomware defenses, including offline backups, multi-factor authentication, and employee phishing awareness training.