Security News > 2021 > April > Accellion data breaches drive up average ransom price
The data breaches caused by the Clop ransomware gang exploiting a zero-day vulnerability have led to a sharp increase in the average ransom payment calculated for the first three months of the year.
Clop's attacks did not encrypt a single byte but stole data from large companies that relied on Accellion's legacy File Transfer Appliance and tried to extort them with high ransom demands.
Given the high profile of the targets, the Clop ransomware gang likely yielded high returns from the extortion campaigns, with many victims ending up paying big money to stop a data leak.
Clop's Accellion campaign seems to have reached an end in early April, as the gang started returned to data encryption operations made possible by typical network access vectors.
Despite being responsible for the increased average and median ransom payments, the Clop ransomware gang was not the most active since the beginning of the year.
Some REvil ransomware attacks ended with losing all the data because of "Technical flaws that resulted in victims unable to match encryption keys."