Ransomware Group: INCRANSOM

VICTIM NAME: Radford City Schools

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware attack targeted Radford City Public Schools, a school district located in Virginia, United States. The incident was discovered on August 1, 2025, and the attack date is reported as July 31, 2025. The breach involved the potential disclosure of sensitive, medical, and personal data encompassing approximately 3,690 students from pre-kindergarten through 12th grade. The publicly available leak includes a screenshot of internal documents, suggesting the attackers gained access to various confidential information. The compromised data is expected to be published soon on the threat actor’s blog, emphasizing the gravity of the breach for the school district’s operations and privacy.

The district is noted for its strong academic performance, particularly in math and reading, and comprises elementary, intermediate, and high school levels. The attack appears to be part of a broader campaign by the ransomware group identified as “incransom.” Although no specific links or technical details about the data exfiltration are available, the threat actors have indicated that a significant volume of sensitive data—around 100 gigabytes—will soon be released publicly. The incident raises concerns about data security and privacy within educational institutions, especially considering the potentially vulnerable student information involved.