Ransomware Group: INCRANSOM

VICTIM NAME: firstpresatl[.]org

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to the website of First Presbyterian Church of Atlanta, an organization within the education sector based in the United States. The attack was discovered on July 31, 2025, and the data breach appears to involve the exposure of sensitive information related to the organization. This church, serving a community with a focus on faith-based activities, employs approximately 86 staff members and has an annual revenue of around five million dollars. The breach was publicly claimed by a group involved in ransomware attacks, suggesting that data, possibly including operational details, may have been compromised. A screenshot of the affected website is available, showing internal elements or digital evidence of the attack.

There is no specific information about personally identifiable information (PII) or individual data leaks reported within the leak page. However, the incident highlights potential vulnerabilities in organizations operating within the religious and community service sectors. The attacker’s claim link leads to an onion site for more details, and the incident is classified under “incransom,” indicating a ransomware-related breach. The publicly available screenshot provides visual confirmation of the compromise, but no detailed data or files are disclosed publicly at this stage. Overall, the breach underscores the importance of cybersecurity defenses for community organizations handling sensitive organizational and operational data.