Ransomware gang Inc yesterday took credit for an August 2025 data breach at the University of St. Thomas in Houston, TX.
The University on August 13 reported a cyber attack caused a nine-day system outage. At the time, it said there was no evidence of compromised info.
Inc says it stole 1.8 TB of data from St. Thomas. To prove its claim, Inc posted sample images of what it says are documents stolen from the University.
The University of St. Thomas has not verified Inc’s claim. We do not know if the University paid a ransom, how much Inc demanded, what data was compromised, or how attackers breached the school’s network. Comparitech contacted the University for comment and will update this article if it replies.
The attack forced St. Thomas to shut down its website and servers, disrupting student services like housing access, textbook purchases, and course registration.
Who is Inc?
Inc is a ransomware gang that first emerged in the middle of 2023 and has since targeted a wide range of victims in healthcare, education, and government. Its methods include spear phishing and exploiting known vulnerabilities in software. Inc employs a double-extortion scheme in which it both steals data and locks up infected systems, forcing victims to pay both for system restoration and the safe deletion of stolen data. Inc operates a ransomware-as-a-service business in which customers pay Inc to use its malware and infrastructure to launch attacks and collect ransoms.
Inc has taken credit for 122 confirmed ransomware attacks in total, plus 311 unconfirmed claims that haven’t been publicly acknowledged by the targeted organizations.
Inc has launched 15 confirmed attacks on schools, universities, and other educational institutions.
Yesterday, Inc said it stole 194 GB of data in an attack on a Canadian school system, the Center de Services Scolaire des Appalaches (CSSA). The attack disrupted phone, computer, and internet access for several days.
Ransomware attacks on US education
Comparitech researchers have logged 30 confirmed ransomware attacks in 2025 to date on American schools, colleges, and universities.
Last month, Trico Community Unit School District #176 in Illinois said it refused to pay a ransom following a data breach.
This week, Prince George County Public Schools in Washington, D.C. notified 3,959 people of a July 2025 ransomware attack.
Ransomware attacks on schools and other education facilities can disrupt day-to-day operations such as taking attendance, submitting grades, phone and email communications, billing, payroll, and assignments. Ransomware attacks are often two-pronged: they lock down systems and steal data. Schools that refuse to pay can face extended downtime, lose data, and put students and faculty at increased risk of fraud.
About the University of St. Thomas
The University of St. Thomas is a private Catholic university in Houston, TX, not to be confused with another college of the same name in Minnesota. It enrolls more than 3,500 students and employs more than 350 staff, according to external sources.
