The INC Ransomware group claims to have breached two new organizations, posting their details and compromised data samples on their leak site. The threat actor has targeted a major industrial manufacturing firm and a prominent consumer goods company.
The latest list of alleged victims posted by the group includes:
-
Omega Tool Corp (🇲🇽): A global leader in engineering and manufacturing, specifically known for advanced plastics tooling solutions. While the company operates globally, the threat actor explicitly listed contact details for a branch in Mexico. The company serves the automotive, heavy truck, and consumer product industries.
-
Southern Lion Sdn Bhd (🇲🇾): A leading FMCG marketing company based in Malaysia. It is an equal-sharing joint venture between Lion Corporation (Japan) and Lam Soon (M) Bhd, known for marketing household and personal care products.
According to the actor, the breach involves a significant exfiltration of internal documents. For Omega Tool Corp specifically, the group claims to have acquired approximately 24.7 GB of data. The proof-of-compromise documents released by the group suggest the following types of information have been exposed:
-
Personal Identification Information (PII): Scans of employee passports and identification cards.
-
Technical Intellectual Property: Detailed engineering schematics, robot base drawings, and system integration plans.
-
Internal Compliance Documents: Biological safety cabinet test certificates and product verification reports.
-
Operational Procedures: Departmental record retention tables and internal product test method instructions (e.g., for specific consumer brands like “Mama Lemon”).
-
Company Metrics: Internal references to revenue and employee counts.












