Security News > 2022 > June > Which stolen data are ransomware gangs most likely to disclose?

If your organization gets hit by a ransomware gang that has also managed to steal company data before hitting the "Encrypt" button, which types of data are more likely to end up being disclosed as you debate internally on whether you should pay the ransomware gang off?

The most commonly leaked data is financial, followed by customer/patient data.

First, the gangs disclose a sample of compromised data and, if the victim is still not convinced of the damages a full leak would bring, they disclose the rest and/or sell it.

Ransomware groups' leak sites are usually set up on the dark web, but one group has recently published stolen victim data on the public Internet.

Victims in the healthcare vertical have their finance and accounting data leaked in 71% of cases, and their customer and patient data leaked in 66% of cases.

"Organizations can use these findings to assess which specific data assets should receive additional protection," they added, and to prepare for the event of a ransomware data disclosure.

News URL

https://www.helpnetsecurity.com/2022/06/17/ransomware-data-disclosed/