Ransomware Group: INCRANSOM

VICTIM NAME: carolynmyoung[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to the website of Carolyn Young, a financial services firm based in Northern California. The attack was discovered on July 31, 2025, and the leak was publicly disclosed shortly thereafter. The compromised site, associated with a company that provides fiduciary services to residents of the Sacramento Valley, is part of a ransomware operation that has publicly exposed certain information from the victim. The firm has a longstanding reputation, serving the community with a team of certified fiduciaries and generating approximately $5 million in revenue. While specific details of the leak are limited, the page includes a screenshot of the affected website, indicating that the attackers potentially accessed internal visuals or data. Download links or data leaks may have been posted, but explicit content or sensitive client information was not included in the available summary. The victim’s activities involve financial management, and the incident highlights concerns over cybersecurity hygiene for small to medium-sized firms. The website domain associated with the victim is also disclosed as part of the leak, emphasizing the attackers’ focus on publicly revealing compromised assets.

The leak does not specify detailed technical data or the scope of breached information; however, the presence of a screenshot suggests that visual content, possibly internal documents or website interfaces, was accessed. The attackers’ public claims imply that cybersecurity measures were bypassed, and data potentially exposed includes client or internal data, although no PII or sensitive personal data is explicitly confirmed in the leak. This incident exemplifies the risks faced by financial services firms in the digital age, particularly those handling fiduciary responsibilities. The ransomware group involved appears to operate in the ‘incransom’ category, and their tactics may include data exfiltration and public disclosure to pressure payment. Overall, this event underscores the importance of robust cybersecurity defenses for organizations holding financial and customer data.