Ransomware Group: INCRANSOM

VICTIM NAME: erniesinceresco[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak pertains to a retail business operating primarily in the United States, offering a wide range of furniture, mattresses, flooring, appliances, and electronics from well-known brands. The attack took place on July 18, 2025, shortly before the public disclosure date, indicating a recent compromise. The compromised data includes over 30GB of information, which appears to contain sensitive employee and business details. The threat actors have published a screenshot of their data leak, which includes internal documents and potentially proprietary information. Notably, download links to the stolen data are available through the leak site, revealing the extent of the breach and the potential exposure of confidential business information.

The site includes an image preview of the leaked data, such as screenshots of internal content. The targeted organization is identified as a retail company with approximately 88 employees, operating primarily in the US. The compromised website offers no customer or PII data disclosures beyond business information but highlights the seriousness of the intrusion. The attackers have also included a link to a protected leak claim page. Overall, the incident underscores the risk faced by the retail sector from ransomware groups, emphasizing the importance of cybersecurity measures to prevent such breaches. No specific personal details of individuals are visible or disclosed in the leak summary.