Ransomware Group: INTERLOCK

VICTIM NAME: Naper Grove Vision Care

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INTERLOCK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page details an incident involving Naper Grove Vision Care, a healthcare provider specializing in eye care services in Naperville and Downers Grove, United States. The attack was discovered on June 2, 2025, and the breach involved the compromise of sensitive data belonging to the organization. The page indicates that the threat actors gained access to internal information, which may include confidential files and organizational data stored on the victim’s domain, napergrove.com. A screenshot depicting the affected systems or leaked data is included, providing visual evidence of the breach. The leak emphasizes that no information about affected employees or third-party partners has been publicly disclosed. Users are directed to additional resources through provided links, but specific data or file contents are not shared publicly.

The incident is attributed to a group identified as “interlock,” a known threat actor specializing in ransomware attacks. The details suggest a targeted breach likely aimed at extorting or disrupting the victim’s healthcare services. The leak page does not specify the exact nature of the compromised data, but it is typical in such incidents that patient records, appointment details, or organizational information could be involved. The included screenshot offers a glimpse into the affected environment, but concrete data specifics are not provided to safeguard sensitive information. The URL link leads to a dark web page hosting the leaked files and related information. Overall, this incident underscores the importance of maintaining robust cybersecurity measures for healthcare providers to prevent attribution and protect patient confidentiality.