The INC Ransom ransomware operation has listed popular Australian fashion outlet Oxford as a victim on its darknet leak site.
The hackers claimed responsibility for the hack in an initial 1 December leak post that shared very little detail about the alleged incident, other than some basic information about the alleged victim.
JavaScript is required for CAPTCHA verification to submit this form.
By becoming a member, I agree to receive information and promotional messages from Cyber Daily. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.
Create free account to get unlimited news articles and more!
JavaScript is required for CAPTCHA verification to submit this form.
If you check the box above before you log in, you won’t have to log back into the website next time you return, even if you close your browser and come back later.
If you check this box before you log in, you won’t have to log back into the website next time you return, even if you close your browser and come back later.
Keep me signed in on this device.
To continue reading the rest of this article, please log in.
You’re out of free articles for this month
Groups like INC Ransom often use business summaries from market intelligence sites to summarise their victims, and in this case, the description of Oxford comes from ZoomInfo and includes a brief description of the victim’s business, its revenue, employee count, and industry.
However, a day lat
Oxford Industries cybersecurity rating report: https://www.rankiteo.com/company/oxford-industries
"id": "OXF1764813784",
"linkid": "oxford-industries",
"type": "Ransomware",
"date": "12/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': None,
'industry': 'Retail/Fashion',
'location': 'Australia',
'name': 'Oxford',
'size': None,
'type': 'Fashion Retailer'}],
'data_breach': {'data_encryption': None,
'data_exfiltration': None,
'file_types_exposed': None,
'number_of_records_exposed': None,
'personally_identifiable_information': None,
'sensitivity_of_data': None,
'type_of_data_compromised': None},
'date_publicly_disclosed': '2023-12-01',
'description': 'The INC Ransom ransomware operation listed '
'Australian fashion outlet Oxford as a victim on '
'its darknet leak site. The hackers claimed '
'responsibility for the hack in an initial 1 '
'December leak post, sharing minimal details '
'about the incident.',
'impact': {'brand_reputation_impact': None,
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': None,
'downtime': None,
'financial_loss': None,
'identity_theft_risk': None,
'legal_liabilities': None,
'operational_impact': None,
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': None},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'motivation': 'Financial gain',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': 'INC Ransom'},
'references': [{'date_accessed': None,
'source': 'Cyber Daily',
'url': None},
{'date_accessed': None,
'source': 'ZoomInfo',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': None,
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'threat_actor': 'INC Ransom',
'title': 'INC Ransom Attack on Oxford',
'type': 'Ransomware'}