Ransomware Group: INCRANSOM

VICTIM NAME: Chapter 13 Texas

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

Chapter 13 Texas is identified as the victim in the leak page, which is attributed to the ransomware actor group incransom. The post claims that more than 150 GB of private data, including employee records and data belonging to customers and partners, has been exfiltrated. It asserts that the management of planoch13[.]com has completely ignored the attackers and issues a 24-hour deadline before the data is published. The page frames the incident as a data leak resulting from a ransomware intrusion, and the post date listed on the page is 2025-10-08 10:00:00, which should be treated as the publication date for this leak. No ransom amount is disclosed within the post. The victim is located in the United States, and the industry is not provided in the data.

The leak page indicates a claim URL is present, suggesting there is a link to additional details or evidence, though no actual URL is shown here in this summary. There are no screenshots or images attached to the page (the page shows zero images), and there are no downloads or external links evident in the accompanying metadata. The content is conveyed in neutral English and aligns with a standard ransomware data-leak pattern: a countdown and threat to publish the stolen data if a demand is not met, though this post does not specify any monetary figure. Defanged references to the victim, such as planoch13[.]com, are used to avoid direct linking.