The INC ransomware group claims to have breached PHI Centre (PHI), a Canadian organization based in Montreal that focuses its activities on the presentation and curation of immersive works in virtual reality (VR), augmented reality (AR), and extended reality (XR). The group has published a significant number of files as proof of the breach.
According to the actor, the allegedly compromised data includes a wide range of internal and client-related documents. The published files suggest the exfiltration of:
- Internal financial documents, including invoices and payment records.
- Client and vendor contact information such as full names, company names, email addresses, and phone numbers.
- Order confirmations and subscription details.
- Internal payment summaries and account details.
