Ransomware Group: INCRANSOM

VICTIM NAME: Rivers Academy West London

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Rivers Academy West London, an educational institution located in Great Britain. The attackers claimed responsibility for a security breach that was discovered on May 21, 2025. The compromise involved the exfiltration of sensitive data from the academy’s systems. The leak was publicly disclosed on an onion service, with a URL provided for further details. The compromised data appears to include internal documents and information related to the academy’s operations. The page features a screenshot of internal information, indicating the seriousness of the breach. While specific files or data are not detailed, the leak underscores a significant cybersecurity incident affecting this educational organization.

The attackers, identified as part of the incransom group, targeted the institution as part of their broader activities. The academy specializes in fostering academic excellence, emphasizing high standards in student behavior, engagement, and curriculum offerings. The breach’s timing suggests it was a recent event, and the leak underscores the risks faced by educational institutions in safeguarding sensitive information. The compromised data’s exact contents are not publicly specified, but the leak’s existence points to potential exposure of administrative and possibly student-related information. The incident illustrates the need for robust cybersecurity measures to protect valuable institutional data from malicious actors.