Ransomware victim disclosure
← All victimsChampaign-Urbana Public Health District
Claimed by INC Ransom · listed 2 days ago
Status timeline
- Listed
Jun 2, 2026
Current state: Listed for ransom
At a glance
- Group
- INC Ransom
- Status
- Listed for ransom
- Country
- US
- Listed on leak site
- Jun 2, 2026
About the victim
AI dossier — public-source company profileChampaign-Urbana Public Health District is a public health agency serving Champaign County, Illinois. It provides comprehensive health services including dental care, nutrition assistance, mental health support, food safety inspections, substance abuse treatment, and sexual health resources, with programs targeted at adolescents, women, infants, and families.
- Industry
- Public Health / Healthcare
Attack summary
Severity: high — Public health organization handling sensitive patient data (dental, mental health, nutrition assistance, substance abuse treatment). Encryption of such an organization disrupts critical public health services and threatens access to medical and personal information. Although no proof files are currently published, the confirmed encryption of a regulated healthcare entity qualifies as high severity.INC Ransom claims to have encrypted the organization's systems. The group lists the victim as having 'Encrypted' and 'Proof' categories, but no proof files are currently published in the leak post (proof array is empty).
Data the group says was taken
AI dossier — extracted from the leak post- organizational systems
- operational records
What the group claims
Champaign Urbana Public Health District provides a wide range of health services including dental care, nutrition assistance, mental health support, and food safety inspections. Their programs cater to various demographics, including adolescents, women, infants, and families, focusing on preventive health and education.
The leak post
captured from the group's site```
{"type":true,"message":"Success: got announcements.","payload":{"length":714,"announcements":[{"_id":"6a1d7512d152110a6ac7b3d5","company":{"company_name":"Bradley%20law%20firm","country":"US","revenue":5800000},"categories":["Encrypted","AD%20Dump","Proof"],"description":["Bradley%20Law%20Personal%20Injury%20Lawyers%20is%20a%20law%20firm%20dedicated%20to%20representing%20clients%20who%20have%20suffered%20injuries%20due%20to%20accidents%2C%20medical%20malpractice%2C%20and%20other%20forms%20of%20negligence.%20With%20over%2030%20years%20of%20experience%2C%20they%20have%20successfully%20recovered%20more%20than%20%24100%20million%20in%20settlements%20and%20verdicts%20for%20their%20clients%20across%20Missouri%20and%20Illinois.%20Their%20services%20include%20free%20case%20consultations%20and%20a%20commitment%20to%20fight%20for%20maximum%20compensation%20on%20behalf%20of%20accident%20victims.%20The%20firm%20is%20known%20for%20its%20expertise%20in%20personal%20injury%20law%2C%20including%20vehicle%20accidents%2C%20workplace%20injuries%2C%20and%20wrongful%20death%20cases."],"logo":"6a1d7512d152110a6ac7b3cf","proof":["6a1d7512d152110a6ac7b3cc","6a1d7512d152110a6ac7b3cd","6a1d7512d152110a6…Data the group says was taken
- Encrypted
- Proof
Screenshot of the leak post
Sources
Source
Indexed 2 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.