Ransomware victim disclosure
← All victimsoakparkmi.gov
Claimed by Incransom · listed 19 hours ago
Status timeline
- ListedJul 3, 2026
- Data leakeddate unknown
At a glance
- Group
- Incransom
- Status
- Data leaked
- Country
- United States
- Sector
- Public Sector
- Listed on leak site
- Jul 3, 2026
About the victim
AI dossier — public-source company profileCity of Oak Park is a municipal government serving approximately 30,000 residents in an inner-ring suburb of Metropolitan Detroit, Michigan. Incorporated in 1945, it spans 5.5 square miles and provides standard city services including planning, permits, and public administration.
- Industry
- Local Government
- Address
- 14000 Oak Park Blvd, Oak Park, MI 48237
- Founded
- 1945
Attack summary
Severity: medium — Public sector entity with potential access to citizen records and municipal data; however, no specific proof files, data categories, or operational disruption are described in the available post. Status is 'data_published' but details are minimal.The ransomware group incransom claims to have accessed Oak Park municipal systems. No specific data exfiltration or operational impact details are provided in the available leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- municipal records
- city administrative files
What the group claims
Oak Park, Michigan, is a vibrant, diverse inner-ring suburb of Metro Detroit located in Oakland County. Incorporated as a city in 1945, it spans 5.5 square miles and is home to roughly 30,000 residents. The city is currently experiencing a renaissance, transforming areas like the 11 Mile Road corridor into bustling hubs with breweries, restaurants, and new community spaces.
Sources
Source
Indexed 19 hours agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

