Hackers give Abilene, TX one week to pay ransom after cyber attack

Ransomware gang Qilin over the weekend claimed responsibility for last month’s cyber attack on the city of Abilene, Texas.

The city is still investigating an April 18, 2025 cyber incident that disrupted various city department networks and payment processing, according to an alert on Abilene’s official website.

Qilin says it stole 477 GB of data from the city and demanded a ransom be paid by May 27, 2025. If the city refuses to pay, Qilin threatens to make the data available for public download. To prove its claim, Qilin posted a sample of files that it claims to have stolen from the city, including tax returns and government documents.

Abilene officials have not verified Qilin’s claim. we do not know if the city did or will pay a ransom, how much Qilin demanded, what data might have been compromised, or how attackers breached the city’s network. Comparitech contacted Abilene officials for comment and will update this article if they reply.

Who is Qilin?

Qilin is a ransomware gang that began claiming responsibility for attacks on its data leak site in late 2022. Based in Russia, Qilin mainly targets victims through phishing emails to spread its ransomware. It launched in August 2022 and runs a ransomware-as-a-service business in which affiliates pay to use Qilin’s malware to launch attacks and collect ransoms.

Qilin has claimed 25 confirmed ransomware attacks in 2025 to date. Seven of those were against government entities, including:

Last week, Qilin claimed responsibility for a 2024 attack (PDF) on the non-profit organization for foster children, Promises2Kids.

In 2025, Qilin has made another 178 unconfirmed claims that haven’t been acknowledged by the targeted organizations.

Ransomware attacks on US government

Comparitech researchers have logged 24 confirmed ransomware attacks on US government entities in 2025 to date.

In addition to those mentioned above, other such attacks include those on Iowa County, WI; Gloucester County, VA; and the Westfield Fire District in Middleton, CT.

Our data shows US government agencies take an average of 4.13 months to notify victims whose personal data was breached in a ransomware attack.

Ransomware attacks on US government agencies and departments can steal data and lock down computer systems. The attacker then demands a ransom to delete the stolen data and in exchange for a key to recover infected systems. If the target doesn’t pay, it could take weeks or even months to restore systems, data could be lost permanently, and people whose data was stolen are put at greater risk of fraud. Ransomware can disrupt everything from communications to billing, payroll, and online services.

About Abilene, Texas

Abilene is home to more than 125,000 people in Taylor and Jones counties, Texas.