Ransomware Group: INCRANSOM

VICTIM NAME: teampostop[.]net

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to an incident involving a U.S.-based retail company specializing in medical equipment and therapy products. The attack was discovered on July 24, 2025, and the breach involves sensitive business information stored by the victim entity. The page includes a screenshot of internal data, suggesting that threat actors have accessed and possibly exfiltrated confidential operational details. Although no specific files or data contents are publicly disclosed, the presence of this leak indicates a serious compromise of the company’s digital assets. The company is known to serve over 5,000 patients annually, emphasizing its importance in the healthcare sector. No explicit details about personally identifiable information (PII) or individual patient data are revealed, likely due to sanitization for publication. The breach could potentially impact business operations, customer trust, and regulatory compliance.

The leak notice also highlights that the extorted data may include business communications or internal documentation, though specific details remain undisclosed. A relevant screenshot illustrates some of the internal infrastructure or document formats compromised, reflecting the attack’s scope. The incident’s discovery date is close to the attack date, implying swift detection. Additional information notes that the victim company operates in Florida, with a workforce of 32 employees and annual revenue exceeding eight million dollars. The company offers emergency services and bilingual staff, indicating a focus on customer support. This leak underscores the ongoing risks faced by healthcare-related organizations from ransomware gangs seeking financial gain and data destruction. No further technical specifics about the attack vector or malicious payload are provided.