Ransomware Group: INCRANSOM

VICTIM NAME: piercecountylibrary[.]org

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak involves the Pierce County Library System, a public library network comprising 20 locations in the US. The breach was discovered on May 22, 2025, and it appears the attack date was also around the same time. The affected organization offers free access to a vast collection of books, media, and educational programs for families and children, emphasizing its role in community education and engagement. The leak includes a screenshot of internal data, suggesting that sensitive information may have been compromised. However, specific details about the data leaked or the extent of the breach have not been publicly disclosed.

The cybercriminal group responsible for the attack is identified as “incransom.” The incident involved data that could relate to various organizational information such as employee data, third-party associations, and user details, although no PII has been revealed in the available information. Notably, the breach is linked to the distribution of info-stealer malware, with notable variants like Raccoon and RedLine detected as part of the attack’s activity. The affected library’s domain is piercecountylibrary.org, and the organization is recognized for its role in educational services. Despite the breach, there is no evidence suggesting the leak includes harmful or explicit content, but it may impact organizational security and public trust.