Ransomware Group: INCRANSOM

VICTIM NAME: bayviewci[.]org

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak involves the organization operating under the domain bayviewci.org, which serves the community of San Francisco with a focus on education and health initiatives. The attack date is recorded as July 10, 2025, with the breach discovered later that same day. The organization, known as the Bayview Hunters Point Foundation, primarily provides social services addressing behavioral health, homelessness, housing, food insecurity, and reintegration of formerly incarcerated individuals. It is a charitable entity established in 1971, dedicated to serving multicultural and disadvantaged populations. The breach has resulted in the exposure of approximately 15GB of data, which likely includes internal documents and confidential information. The leaked content potentially impacts the organization’s operations but no specific sensitive data is detailed publicly.

The leak page features a screenshot showing internal visuals or documents related to the organization. A download link is available for the 15GB of compromised data, indicating the scale of the breach. The organization highlights its community-centered approach aimed at promoting dignity, healing, and justice. Despite the attack, no PII of individual clients or employees is explicitly referenced in the leak report. The incident underscores the importance of cybersecurity for healthcare and social service organizations that handle sensitive community data and underscores the risks posed by ransomware threats targeting nonprofits and public service entities.