Security News > 2023 > October > Lorenz ransomware crew bungles blackmail blueprint by leaking two years of contacts
The Lorenz ransomware group leaked the details of every person who contacted it via its online contact form over the course of the last two years.
The data includes names, email addresses, and the subject line entered into the ransomware group's limited online form to request information from Lorenz.
A subset of the individuals included in the breach were approached by The Register and all confirmed they had contacted Lorenz in the past two years.
Security firm Cybereason previously asserted that the Lorenz group was first observed in February 2021, meaning the leaked data almost spans the entire time the group has existed.
The Lorenz discovery marks a rare occurrence of a ransomware group leaking data against their schedule.
Like many leading ransomware operations, Lorenz is known for using a double-extortion model in attacks whereby they steal data before encrypting victims' devices, holding both their data and systems to ransom.