Ransomware Group: INCRANSOM

VICTIM NAME: pyasolutions[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page related to PYA Solutions, a technology company based in Canada, details a significant data breach incident. The company specializes in Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central, providing tailored ERP solutions to enhance business operations across multiple sectors. The page indicates that a total of 27,962 files are listed, accumulating over 243 billion bytes of data. The breach was discovered on February 18, 2025, highlighting the ongoing risks businesses face in the realm of cybersecurity. While the company’s main operations are in Montreal, Quebec, they also have a presence in Jacksonville, USA, further emphasizing the geographical scope of potential exposure in this leak.

The ransomware page includes a screenshot that may illustrate aspects of the breach, although the specific content of the image has not been detailed to maintain a neutral tone. There is a mention of a threatening narrative common in ransomware activities, which aims to pressure victims into compliance. However, no sensitive or personally identifiable information about individuals associated with PYA Solutions has been disclosed in the leak. The page seems to have been published on the same date it was discovered, underscoring the rapid dissemination of this type of content on dark web platforms. Organizations in similar industries are urged to review their cybersecurity strategies to mitigate such risks.