Security News > 2020 > November > Scam PSA: Ransomware gangs don't always delete stolen data when paid
Ransomware gangs are increasingly failing to keep their promise to delete stolen data after a victim pays a ransom.
In the Coveware Q3 2020 ransomware report released today, we learn that some ransomware gangs do not keep their promise to delete stolen data after a ransom is paid.
According to the new report, certain groups are leaking stolen data after a ransom was paid, using fake data as proof of deletion, or even re-extorting a victim using the same data that was paid not to be released.
According to Siegel, Conti provided victims fake removal links after a ransom was paid that contained dummy data and not the victim's actual data.
Unlike a ransomware decryptor, which a threat actor can't take away once given, there is no way for a victim to know for sure if a ransomware operation is deleting stolen data after a ransom payment is made.