Let Me Show you my Shocked Face for $1000, Alex

In an homage to Alex Trebek, what is: Ransomware gangs not honoring ransom payments for stolen data? While this is not an entirely surprising development, it is a little confusing. It hasn’t been since the early days of ransomware attacks where amateur groups did not honor their “promise” to discontinue an attack or unlock files after payment. It’s been quite a few years since ransomware groups realized they needed to protect their credibility in order to profit. Even with this addition of a follow-on leak of stolen data to capitalize on the daily double (double extortion) if an organization doesn’t pay to unencrypt its files, it seemed in the best interest of ransomware groups reputation to keep their word. But in a recent report by ransomware response leaders Coveware, there has been a fraying of promises of the cybercriminals to delete the data after payment, or have demanded a second extortion payment from a company that had previously paid to have the data deleted/not leaked.