Ransomware Group: INCRANSOM

VICTIM NAME: Funktel GmbH

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to funktel GmbH, a prominent manufacturer specializing in professional security and communication solutions based on DECT and TETRA technologies. The incident was publicly disclosed on June 4, 2025, following the attack date of June 3, 2025. The threat actors have claimed responsibility for a significant data breach resulting in the exposure of approximately 3.5 terabytes of sensitive data. The breach affects the company’s operations in Germany, where it serves clients in the industrial, public utility, and governmental sectors. The leaked materials include confidential technical information, internal documents, and other proprietary data, which are scheduled to be published on the threat group’s blog.

The leak page includes a screenshot of internal documents, illustrating the severity of the breach and the extent of compromised information. The attackers have indicated their intent to publish the data publicly, emphasizing the potential risk posed to the company’s reputation and client confidentiality. The breach’s specifics, including how the attack was carried out, remain undisclosed, but the volume of stolen data highlights a substantial security incident. No personally identifiable information (PII) or sensitive customer data appears to be explicitly referenced in the leak summary, but the exposure of proprietary technical and operational documents suggests serious implications for the organization’s security posture and business continuity.