Hiwassee Builders Supply reports a ransomware incident attributed to incransom, claiming that 100GB of exfiltrated data includes confidential documents, client data, NDAs, financial data, operations data, corporate data, business agreements, development data, and financial databases. The actor threatens public release of the data or further pressure unless the ransom is paid. #UnitedStates
Incident Details
- Victim: Hiwassee Builder Supply
- Sector: Construction
- Country: US
- Actor: incransom
- Source: http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/698ea4528f1d14b743888e1b
- Discovered: 2026-02-17 03:18:40.134213
- Published: 2026-02-17 03:00:00.000000
Information
- HIWASSEE BUILDERS SUPPLY: dedicated to delivering a wide range of building products and services with exceptional value and service across East Tennessee and beyond.
- Offers in-house expertise for project design, estimation, and timely product delivery for home remodeling and commercial construction needs.
- Operates four locations in East Tennessee, ensuring efficient service and support throughout various projects.
- Leak: 100GB
- Confidential documents
- Clients data
- NDA
- Financial data
- Operations
- Corporate data
- Business agreements
- Development
- Financial databases — all transactions, all clients
- And a lot of other very important information
Disclaimer: This post is based on public claims made by the ransomware group "incransom". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.