Ransomware Group: INCRANSOM

VICTIM NAME: statesideseattle[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page associated with Stateside Entertainment details a substantial data compromise. The release indicates a significant volume of files listed, totaling 41,097 with a combined size of approximately 65 billion bytes. The webpage describes the establishment of Stateside Entertainment, focusing on its role in enhancing tax credits for production companies in Georgia, following the Georgia Entertainment Industry Investment Act initiated in 2008. This act provides a 30% tax credit on qualified expenditures, facilitating financial benefits for production companies through the monetization of tax credits. As a result, investors and studios can effectively manage their tax liabilities, showcasing a strategic business model in the entertainment industry.

The discovered date of the breach is noted as February 21, 2025, reflecting the timing of the data’s exposure. This event highlights vulnerabilities within the operational security of the victim. Furthermore, the presence of a screenshot on the leak page exemplifies the nature of the compromised information, although no explicit description of the visuals is provided. The leak page is accessible through a specific Onion URL and includes extensive data, potentially affecting a variety of stakeholders connected to the entertainment sector in Georgia. No Personally Identifiable Information (PII) or user data appears to be compromised based on the extraction details available. Overall, the leak indicates serious considerations for data security practices within the industry.