Ransomware Group: INCRANSOM

VICTIM NAME: National Institute of Water Resources

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to the National Institute of Water Resources, a key public sector entity responsible for water conservation and management in the Dominican Republic. The incident was discovered on July 14, 2025, shortly after the attack date, indicating prompt detection. The compromise involves sensitive information related to this agency’s operations and institutional data. The leak page does not specify the nature of the data affected but mentions the publication of potentially confidential or internal documents. No direct download links or data attachments are provided on the leak page. The incident’s timing suggests it was part of a broader campaign targeting government agencies in the region.

Visual evidence such as screenshots is absent from the leak page, and the details imply that the attackers may have exposed internal information or documents possibly related to water resource management. The target, situated in the Dominican Republic, is involved in managing vital national infrastructure. The leak emphasizes the importance of cybersecurity measures for governmental institutions handling critical public services. The group claimed responsibility under the alias ‘incransom,’ indicating a coordinated ransomware campaign against public sector entities across the region. The incident underscores the ongoing threat to government entities and highlights the necessity for robust data protection strategies.