"Ransom Payment No Guarantee Against Doxxing"

According to Coveware's analysis of ransomware attack data during the third quarter of the year, organizations that paid threat actors' demanded ransom were often doxxed and ordered to pay more. Doxxing refers to the public broadcasting of private or identifying information belonging to an individual or organization. For example, victims of the Sodinokobi ransomware group were hit with additional demands for more money, weeks after paying to prevent the release of the same dataset. The operators behind Netwalker and Mespinoza ransomware posted data from companies that had paid a ransom so that the data would not be released to the public. This article continues to discuss incidents in which organizations are doxxed by attackers despite paying the demanded ransom, the expected growth in cyber extortion, and the increase in attacks targeting big organizations. 

Dark Reading reports "Ransom Payment No Guarantee Against Doxxing"