A Growing Ransomware Group Has Targeted Over 830 Organizations Since 2023

A ransomware group called INC has grown into one of the most active cybercrime operations in 2026, claiming at least 830 victims since August

2023. Ransomware is malicious software that locks up computer files and demands payment to unlock them. INC operates as a service, meaning they provide their ransomware tools to other criminals who carry out the actual attacks. INC became more powerful after authorities shut down other major ransomware groups like LockBit and BlackCat. When those operations ended, the criminals who worked for them moved to INC and similar groups. This means families, schools, hospitals, and businesses of all sizes could be affected if organizations they rely on become victims. When ransomware hits a hospital, school district, or local business, it can disrupt services you depend on daily. Here is what you should do right now:
2024. Back up your important files to an external hard drive or cloud service that is not always connected to your computer. This protects your family photos, documents, and other irreplaceable files.
2025. Keep your computer and phone software updated. Install updates as soon as they become available because they fix security weaknesses.
2026. Be extremely careful about clicking links or opening attachments in emails, even if they appear to come from someone you know.
2027. Talk to your family about not downloading programs or files from unfamiliar websites. For ongoing protection, make backing up your files a monthly habit. Teach everyone in your household to be suspicious of unexpected emails and messages. If your child's school, your doctor's office, or another service you use announces a ransomware attack, follow their guidance closely and watch for follow up scams targeting victims.