A Wisconsin K-12 district, the Denmark School District in the Village of Denmark, experienced a weeklong outage described as a cyber incident, with five school days of no internet access forcing teachers and students to use paper-based workarounds, according to Dysruption Hub. The article notes that the cyberincident appears to be a cyberattack by INC Ransom, or so the gang claims.
Separately, ransomware tracking site ransomware[.]live listed the district’s domain denmark.k12.wi[.]us as a victim claimed by a group it labels “Incransom,” with a discovery date of 1 March 2026; the listing reflects a threat-actor claim and is not, by itself, confirmation of ransomware or data theft. Dysruption Hub also quotes INC Ransom’s leak site as indicating that the attackers claim to have encrypted files and to have acquired or locked 70,756,506,189 bytes (70.76 GB) of data.
DataBreaches emailed the district to ask whether the incident was encryption-based and about backups, but no reply has been received. according to Dysruption Hub.