Russian cyber-criminal hacking group Qilin have targeted the Church of Scientology and published a series of internal documents after gaining access to their UK internal systems.
The documents include financial information relating to security arrangements at the recent International Association of Scientologists (IAS) event and suggests the Church may have engaged in potential visa fraud, with one report detailing several staff members working in the UK without the correct visas.
Under GDPR, the United Kingdom’s data protection law, breaches of this nature must be reported to the Information Commissioner’s Office, and may result in fines of up to ÂŁ17.5 million or 4% of annual turnover, whichever is greater.
So far the hackers have only published a small selection of documents, however their nature suggests this is just the tip of the iceberg in terms of the number of files they may have gained access to. Qilin are a Russian-based ransomware group who have in the past acquired hundreds of gigabytes (and in some cases terabytes) of data from big corporates and government institutions, demanding large sums of money in order to avoid making it publicly available.
According to an October 2025 Cybernews article, the group have targeted over 700 companies in a range of industries, falling into the following categories:
Cybernews, October 2025
- 45 attacks on healthcare providers (14 confirmed)
- 40 attacks on government entities (22 confirmed)
- 26 attacks on the education sector (7 confirmed)
- 590 attacks on businesses (75 confirmed):
- 143 on manufacturers (11 confirmed)
- 108 on service-based businesses (9 confirmed)
- 69 on finance companies (27 confirmed)
- 50 on retailers (2 confirmed)
- 34 on construction companies (2 confirmed)
The article goes on to state: “When it comes to Qilin’s ransom demands in 2025, some of the biggest ones included: Malaysia Airports Holdings Bhd – the gang demanded $10 million after an attack on Malaysia’s Kuala Lumpur International Airport in March 2025, which disrupted its systems and allegedly netted the gang 2 TB of data. Airport officials said they have refused to pay.”
“Cleveland Municipal Court, USÂ – Qilin reportedly demanded $4 million after causing weeks of disruption at the entity in February 2025, which the court refused to pay.”
and “Ciudad AutĂłnoma de Melilla, Spain – Qilin demanded $2.12 million following a disruption that affected the Spanish city in June 2025. Qilin also said that it stole 4 to 5 TB of data, although no ransom was paid.”
It is unclear how much Qilin are demanding from Scientology in order to prevent the data from being made public, but the documents published so far may already have severe consequences for the Church. Here’s what has been released so far:
Qilin is a cyber-criminal group, and this hack is undoubtedly a crime. We do not support criminal activity, however it is clear – based on the media coverage of Scientology’s UK operations and the nature of the documents shared thus far – that there is a legitimate public interest in this data breach.
We will continue to bring you news and updates on this story as it develops.
