Qilin ransomware gang claims breach of the Church of Scientology's UK operations

The Qilin ransomware gang has claimed responsibility for a cyberattack on the Church of Scientology, targeting the Advanced Organisation Saint Hill UK (AOSH UK) in West Sussex, England, the organization's main UK headquarters. 

The ransomware gang published 22 document screenshots as proof of access. The leaked documents include materials dated from April through November 2025. The claimed exposed data types includes:

• Visa processing records for UK Religious Worker visas, including named individuals and immigration costs ranging from £1,800 to £4,500 per person
• Member lists with account balances and organizational hierarchies (including "Sea Org" status designations)
• Security budgets for 2024 and 2025 totaling nearly £100,000, with detailed allocations for patrol services, bomb detection dogs, executive protection teams, vehicles, and perimeter security
• Financial invoices and banking details, including IBAN numbers and bank account information
• Internal purchase orders and operational spending for mailing campaigns and events
• Personal member information, including travel history, internal classifications, and payment arrangements
• HR and finance workflow documents with internal sign-offs, staff names, and departmental references
• Knowledge reports on individual members and their activities within the organization

The number of affected individuals is not disclosed. 

The Church of Scientology has declined to comment on the breach. Former Scientology staff members have indicated that the leaked documents could be "hugely damaging" to the organization, especially regarding operational transparency and member privacy.