Ransomware Group: INCRANSOM

VICTIM NAME: lstlaw[.]ca/ Leaked by www[.]etornetworks[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page indicates a security breach involving the victim domain related to legal services in Canada. The attack was publicly disclosed on July 14, 2025, with the threat actors claiming responsibility through a dedicated dark web claim URL. According to the leak, the attackers gained access to internal files stored on the compromised server and have made some of this sensitive information available online. The breach appears to involve an external hacking group identified as “incransom,” which has published confidential data potentially related to legal cases and internal documents. The disclosure also includes references to a screenshot placeholder and links to additional evidence or commentary provided by the threat actors.

Details from the leak suggest that the attackers accessed internal files of a law firm or legal organization based in Canada. The leak’s description notes that the compromise allowed access to internal files, which could include legal documents, client information, or internal communications. The breach did not specify the exact nature of the leaked data, but the inclusion of URLs and references indicates that the leak is accessible through the dark web URL provided. The publicly disclosed attack date is July 14, 2025, and the threat group involved has been identified as “incransom.” The leak underscores the importance of cybersecurity measures for organizations handling sensitive legal and client information.