The INC Ransomware group has allegedly added three United States-based companies from diverse sectors to its list of victims. The threat actor claims to have successfully breached the networks of automotive supplier Rosco Vision Systems, global executive search firm H.I. Executive Consulting (H.I.E.C.), and private investment office Heritage Growth Partners. The group has published screenshots on its dark web leak site as proof of the intrusions, showcasing a variety of sensitive internal files from each organization.
The alleged victims represent a cross-section of the American economy, highlighting the indiscriminate nature of ransomware attacks. The targeted companies include:
- 🇺🇸 Rosco Vision Systems: A leading North American supplier of visual safety solutions for commercial and school bus fleets based in Jamaica, New York. Founded in 1907, the company provides critical components like backup cameras and mirrors to major vehicle manufacturers.
- 🇺🇸 H.I. Executive Consulting (H.I.E.C.): A global executive search firm specializing in recruiting Board, CEO, and senior-level executives. The firm has a significant presence across the US, EMEA, and APAC regions.
- 🇺🇸 Heritage Growth Partners: A private, family investment office based in Atlanta, Georgia. Founded in 2014, the firm focuses on growth equity investments and offers strategic support to its partners.
Evidence posted by the ransomware group suggests a significant data compromise at each company. The screenshots pertaining to Rosco Vision Systems display technical data, including firmware files, schematics, and system directories. For H.I.E.C., the allegedly exfiltrated data appears to contain highly sensitive documents such as contracts, API scripts, confidential client presentations, and database credentials. Similarly, the proof-of-hack for Heritage Growth Partners shows confidential investor updates, project business and financial reviews, and partnership timeline documents. The full extent of the alleged breaches is not yet clear.
