Ransomware Group: INCRANSOM

VICTIM NAME: fsl[.]org

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The Family Service League (FSL), a social service organization established in Huntington since 1926, has become a victim of a significant data breach. The attack was discovered on July 30, 2025, and involves the leak of approximately 100 gigabytes of sensitive data, including medical and personal information. FSL provides vital support to over 60,000 residents of Long Island through more than 60 programs across multiple locations. The breach has compromised data related to vulnerable populations, including seniors, homeless individuals, and those suffering from mental health issues or addiction. The incident has been publicly acknowledged by the attackers, who have indicated that the data will be published soon on their blog. The breach underscores increasing cyber threats targeting organizations handling confidential personal and healthcare data.

The leaked information is linked to the incransom ransomware group, which appears to have targeted FSL using infostealer malware, notably Lumma, to extract data. The attackers have confirmed the breach in a public claim, sharing a link to their blog via an onion domain, and have included a screenshot of their leak page showing evidence of the compromised data. The malicious activity involved only one employee account, and the breach included data from at least one third-party entity. The compromised domain, fsl.org, is associated with the organization’s official website, which now faces potential reputational and operational challenges due to the leak. The incident highlights the growing threat landscape facing organizations involved in social services and healthcare, emphasizing the need for improved cybersecurity measures to protect sensitive community data.