CIIF Oil Mills Group Listed as New Victim of Qilin Ransomware
Manila, Philippines — The Coconut Industry Investment Fund Oil Mills Group (CIIF OMG), a major player in the Philippine food and beverage sector, has been listed by the Qilin ransomware group as its latest alleged victim.
CIIF OMG was established in the 1970s and operates multiple oil mills and refineries across the Philippines. The group is engaged in coconut oil milling and refining and is best known locally for its coconut cooking oil brand Minola, which has been in the Philippine market for over 50 years.
According to the threat actor’s leak listing dated December 17, 2025, Qilin claims to have accessed and exfiltrated more than 46,000 or 45GB of internal data from CIIF OMG. No official statement has been released by the company as of writing, and the nature of the compromised data has not been independently verified.
CIIF OMG is the third victim attributed to the Qilin ransomware group this month, following last week’s reported incidents involving AMH Philippines and Cagayan Appliance Center. The inclusion of CIIF OMG also brings the total number of reported ransomware victims for the month to five (5), marking the highest monthly count recorded this year in terms of ransomware-related attacks in the Philippines.
