Corporate victims are finally starting to realize that ransomware attacks are data breaches and have begun to notify employees and clients about data stolen data.
A tactic used by almost all enterprise-targeting ransomware is to steal unencrypted files before encrypting a breached network. The threat actors then use these stolen files as leverage by threatening to leak or sell the data if a ransom is not paid.
|