Ransomware Group: TEAMXXX

VICTIM NAME: Intercommunityct[.]org

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the TEAMXXX Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page associated with the victim domain Intercommunityct.org indicates that the attack was publicly claimed on July 3, 2025. The organization, identified as a community-based health provider in Connecticut, was targeted, potentially exposing sensitive operational details. The website provides comprehensive health services, including mental health, addiction support, and primary care programs, emphasizing community support and wellness. The leak appears to be part of a data extortion campaign conducted by the group identified as teamxxx. The page features a screenshot, likely of internal data or documents, which suggests that some information or data may have been compromised during the attack.

The leak page does not specify precise details about the nature of the compromised data or whether any personally identifiable information was exposed. The discovery date of the breach is recorded as July 12, 2025, indicating that the incident was identified roughly nine days after the claim date. No additional sensitive or PII-related information is publicly disclosed on this page. The presence of a clickable claim URL suggests the attackers may be offering proof or further engagement. The included screenshot hints at the possibility of leaked internal data, but without explicit content details, the focus remains on the breach’s public acknowledgment and potential impact on the victim organization’s operations and reputation.