INC Ransomware — Victims, Campaigns & Activity

Threat entity extracted from intelligence sources

Frequency
25
occurrences
First Seen
November 4, 2025
Last Seen
July 16, 2026

INC is a ransomware_group tracked across 16 threat clusters and 25 intelligence report mentions on ThreatCluster. First observed November 4, 2025; most recent activity July 16, 2026.

Related Threat Clusters

  • Chronus Group Breach Exposes 36 Million Mexican Citizens' Data

    In January 2026, the Chronus Group executed a significant data breach against the Mexican government, compromising 2.3 terabytes of sensitive data from at least 25 agencies. The breach exposed personal information of up…

    2 articles · Updated May 28, 2026
  • Microsoft Disrupts Fox Tempest Malware-Signing Service for Ransomware Gangs

    On May 19, 2026, Microsoft disrupted Fox Tempest, a malware-signing-as-a-service (MSaaS) operation that provided over 1,000 fraudulent code-signing certificates to cybercriminals, enabling them to disguise malware as…

    33 articles · Updated May 19, 2026
  • Air Côte d'Ivoire Confirms Cyberattack by INC Ransomware Group

    Air Côte d'Ivoire has confirmed a cyberattack that occurred earlier in February 2026, attributed to the INC ransomware group. The attackers claimed to have stolen 208 GB of data and threatened to leak it by February 24,…

    2 articles · Updated February 25, 2026
  • INC Ransomware Group Targets Healthcare in Oceania

    The INC ransomware group has launched a series of attacks against healthcare facilities and government agencies across Australia, New Zealand, and Tonga. The Australian Cyber Security Centre (ACSC), National Cyber…

    2 articles · Updated March 11, 2026
  • Pierce County Library System Data Breach Affects Over 340,000 Individuals

    A cyberattack on the Pierce County Library System in Washington exposed the personal information of over 340,000 individuals. The breach, which occurred between April 15 and 21, 2025, involved unauthorized access to the…

    2 articles · Updated December 16, 2025
  • Ransomware Fuels Surge in Global Cyberattacks

    As of February 12, 2026, organizations worldwide are experiencing an average of 2,090 cyber-attacks per week, largely driven by ransomware incidents. This increase highlights the ongoing challenges faced by businesses…

    1443 articles · Updated February 12, 2026
  • Rise of AI-Driven Scams Targeting UK SMEs

    UK small and medium-sized enterprises (SMEs) are increasingly vulnerable to sophisticated AI-driven scams, as highlighted by recent reports. The emergence of 'AI scams 2.0' combines traditional social engineering…

    704 articles · Updated March 12, 2026
  • Cyberattack Disrupts CodeRED Emergency Alert System Nationwide

    The CodeRED emergency alert platform, operated by OnSolve, experienced a cyberattack that disrupted services across the United States, affecting the ability of cities and counties to send critical emergency…

    3 articles · Updated November 26, 2025
  • OrthopedicsNY Fined $500K for Patient Data Breach

    Orthopedics NY LLP has been fined $500,000 by the New York State Attorney General for failing to protect patient information. An investigation revealed that the orthopedic center inadequately secured its systems,…

    2 articles · Updated December 27, 2025
  • Colorado Law Enforcement Agencies Reevaluate CodeRED Contracts After Cyber Attack

    Multiple Colorado law enforcement agencies are terminating or reassessing their contracts with CodeRED, an emergency alert system, following a cyber attack that compromised user data. The breach, confirmed by Crisis24,…

    18 articles · Updated November 25, 2025

Recent Intelligence Reports

  • Cyberattacks now shape both war and everyday life — www.csis.org · July 16, 2026
  • Silent Ransom Group Sends Operatives Into Law Firm Offices: 38 Firms Already Leaked — Techtimes · May 28, 2026
  • FBI warns US — Cyberscoop · May 27, 2026
  • Microsoft takes down MSaaS used by ransomware gangs — News.Risky.Biz · May 20, 2026
  • Cybercrime service disrupted for abusing Microsoft platform to sign malware — Bleepingcomputer · May 19, 2026
  • Microsoft disrupts cybercrime service that abused software verification systems en masse — Cyberscoop · May 19, 2026
  • Cybercrime losses jumped 26% to $20.9 billion in 2025 — Cyberscoop · April 7, 2026
  • INC Ransomware Group Holds Healthcare Hostage in Oceania — Darkreading · March 11, 2026

CVSS v3.1 Breakdown