Ransomware Group: INCRANSOM

VICTIM NAME: The Vascular Experts

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a healthcare organization named The Vascular Experts, which has been providing specialized vascular care since 2001 across Connecticut and Rhode Island. The site indicates that the organization is a significant provider of minimally invasive vascular procedures, operated by a team of over 20 board-certified surgeons. The breach was discovered on May 20, 2025, and the attack is flagged as occurring on May 19, 2025. The leak page includes a screenshot of the affected systems or data, although specific details of the compromised data are not disclosed. There are mentions of data leaks and potential access to internal information, highlighting the importance of cyber defense in healthcare settings. The organization’s public profile and description emphasize its extensive clinical network and advanced facilities. The incident has been linked to a group identified as ‘incransom,’ illustrating the ongoing risks within the healthcare sector from cybercriminal activity.

The page also features a claim URL hosted on a dark web onion site, implying that malicious actors may have accessed or exfiltrated sensitive data. Despite no specific PII being explicitly shown, the leak implies significant security concerns, possibly involving patient or operational data. Visual evidence includes a screenshot, which likely depicts internal documents or system interfaces, serving as proof of breach. The impact of this incident underscores the critical need for enhanced cybersecurity measures in healthcare organizations handling sensitive medical information. While the exact data compromised is not detailed, the leak demonstrates the potential exposure of confidential information related to the organization’s operational and possibly patient records. Additional context about the attack’s scope and victim details remains limited, but the incident marks a noteworthy cybersecurity event for The Vascular Experts.