HackerFeeds
All ransomware incidents
tricountyhs.org

Ransomware group incransom hits tricountyhs.org

MEDIUM
·Education·US·2026-07-01

tricountyhs.org — a education target operating in US has been listed by the incransom ransomware group on 2026-07-01. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.

Incident Report

Target Organizationtricountyhs.org
Threat Group
incransom
SummaryFlowers Early Learning (formerly known as Tri-County Head Start) is a non-profit 501(c)(3) organization providing free, high-quality early childhood education and family support services across Berrien, Cass, and Van Buren counties in Southwest Michigan. Funded by a federal grant through the Office of Head Start, the organization serves eligible families with children from birth to age five, as well as expectant mothers.
Date of Breach2026-07-01
Discovery Date2026-07-02
RegionUS
Target Domaintricountyhs.org
Business SectorEducation
Severity
MEDIUM

Claim by incransom

Flowers Early Learning (formerly known as Tri-County Head Start) is a non-profit 501(c)(3) organization providing free, high-quality early childhood education and family support services across Berrien, Cass, and Van Buren counties in Southwest Michigan. Funded by a federal grant through the Office of Head Start, the organization serves eligible families with children from birth to age five, as well as expectant mothers.

Posted by the incransom threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.

Sources

Victim website

tricountyhs.org

Leak post (onion / Tor)

tor

http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/6a4691a75ae71db30ca5296a

Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.

Disclaimer

HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.