Ransomware Group: INCRANSOM

VICTIM NAME: Lamberts Business Systems

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Lamberts Business Systems, a company based in New Zealand that specializes in business systems, hardware, and network services. The breach was publicly disclosed following a compromise that was discovered on July 9, 2025. Despite the attack’s date, there is no specific information about the exact timeline of the breach, but it has been confirmed as part of a targeted ransomware campaign. The leaked information indicates the company’s involvement with multiple clients, including businesses in various sectors, which may have been impacted by the data disclosure. The page includes a screenshot illustrating some internal details, possibly related to the attack or compromised data. No detailed data or files are explicitly made available on the leak page, but the presence of download links or data leaks is suggested through references. The breach impacts the company’s reputation and highlights cybersecurity vulnerabilities threatening its operations and client relationships.

The leak page features a visual screenshot demonstrating snippets of internal documents or system interfaces, implying potential exposure of sensitive operational details. The attack appears to be part of a larger ransomware campaign linked to a group identified as “incransom.” Notably, the company’s broad client base includes various local businesses and service providers, emphasizing the wide-reaching implications of the breach. The publicly shared claim URL on the dark web provides access to the leak details, which may include further technical or operational data not directly visible in the summary. The incident underscores the importance of robust cybersecurity measures for organizations handling critical business technology and client data.