---
title: "Is data theft the new normal in the ransomware ecosystem? | Phish Protection"
description: "Is data theft the new normal in the ransomware ecosystem?: One of the most notorious ransomware gangs across the globe, Lockbit, has warned Kash Patel, the."
image: "https://phishprotection.com/og/blog/is-data-theft-the-new-normal-in-the-ransomware-ecosystem.png"
canonical: "https://phishprotection.com/blog/is-data-theft-the-new-normal-in-the-ransomware-ecosystem/"
---

Quick Answer

One of the most notorious ransomware gangs across the globe, Lockbit, has warned Kash Patel, the Director of FBI , that it has enough data to completely destroy the FBI . Ever since 2020, data breaches have proven to be more dangerous than ever

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fis-data-theft-the-new-normal-in-the-ransomware-ecosystem%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Is%20data%20theft%20the%20new%20normal%20in%20the%20ransomware%20ecosystem%3F&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fis-data-theft-the-new-normal-in-the-ransomware-ecosystem%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fis-data-theft-the-new-normal-in-the-ransomware-ecosystem%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fis-data-theft-the-new-normal-in-the-ransomware-ecosystem%2F&title=Is%20data%20theft%20the%20new%20normal%20in%20the%20ransomware%20ecosystem%3F "Share on Reddit") [ ](mailto:?subject=Is%20data%20theft%20the%20new%20normal%20in%20the%20ransomware%20ecosystem%3F&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fis-data-theft-the-new-normal-in-the-ransomware-ecosystem%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2025/04/spear-phishing-prevention-6973.jpg) 

One of the most notorious ransomware gangs across the globe, Lockbit, has warned Kash Patel, the Director of FBI , that it has enough data to completely destroy the[FBI](https://www.forbes.com/sites/daveywinder/2025/02/26/data-theft-is-the-ransomware-new-normal-extortion-demands-average-600000/?ss=cybersecurity).

This leads to a very**critical question**: If the FBI itself is at risk, then how safe is the common people’s data?

Ever since 2020, data breaches have proven to be more dangerous than ever

. The Australian Federation has reported[450 breaches every 6 months](https://www.oaic.gov.au/about-the-OAIC/our-corporate-information/oaic-annual-reports).

The infamous ransomware gangs, namely BlackLock, LockBit, and other similar attackers, have advanced**cyberattack methods**that prove to be a significant threat to large companies even though they use reliable security measures.

![Spear phishing prevention](https://media.mailhop.org/phishprotection/images/2025/04/spear-phishing-prevention-6973.jpg) 

### **How long-tail is the data breach act?**

Post 2020, the ransomware gangs have been increasingly targeting the big fishes in the market, including Facebook, Twitter, Microsoft, Nissan, Dell,**Ticketmaster**, and many others.

As per IBM, the average financial loss has been reported to be nearly[USD $4.45 million.](https://www.ibm.com/reports/data-breach)

The worst part is that the ransomware software is more accessible than ever and easier to use. The dark web market now easily finds data buyers who purchase the[stolen data](https://www.blackfog.com/industrial-spy-selling-stolen-data-to-competitors/).

Even if you wipe down the top underground players , they give birth to innumerable other groups, forming a long tail of the_**cyber theft market**_. 

What validates the cyber thugs is data. The more precise the data is, the easier it is for them to reach you. Consider the targeted ads industry. All they look for is every precise customer detail, which creates a demand for[personal data](/announcements/cybersecurity-updates-for-the-week-17-of-2023). That’s exactly what the hackers steal from big,**reliable servers**.

Companies do adopt reliable and competent security measures, but if one email goes to the wrong sender, there’s no coming back. As per Arctic Wolf,[96%](https://arcticwolf.com/)of attackers aim at data exfiltration and double down on**data extortion**.

Not only do they encrypt the data in return for ransom, but they also threaten to release it in the dark market, known as the[double extortion tactic](https://gca.isa.org/blog/double-extortion-ransomware-what-it-is-and-how-to-respond).

### **Experts urge to implement these practices in everyday life!**

> “over 90% of ransomware attacks begin with a phishing email ([Verizon 2024 Data Breach Investigations Report](https://www.verizon.com/business/resources/reports/dbir/)) email. Blocking the phishing email is the most effective ransomware prevention strategy available - it stops the attack at the earliest possible stage, before any malware reaches your network. Every ransomware incident we’ve investigated started with an email that should have been caught.” - **Vasile Diaconu**, Operations Lead, DuoCircle

While it seems that your privacy has already been compromised, here’s how you can still take control and secure your data from**ransomware gangs**. Learn from the cybersecurity experts:

#### **Use MFA & secure passwords**

Using[multi-factor authentication](/cybersecurity/how-passwordless-authentication-helps-you-be-phish-free-and-secured)is a must wherever possible.

This requires moderating any access to your account from_**different devices**_by connecting your account to your phone.

#### **Phishing attack awareness**

[Phishing protection](/)is key to preventing data breaches. Stay vigilant by avoiding**suspicious links**and emails from unknown senders. Always verify sender details and carefully inspect email content before clicking or responding.

![Anti phishing protection](https://media.mailhop.org/phishprotection/images/2025/04/anti-phishing-protection-5972.jpg) 

#### **Limited sharing**

Avoid sharing any[personal information](https://www.npr.org/2025/03/11/nx-s1-5305054/doge-elon-musk-security-data-information-privacy)unless necessary.

For example, you can avoid using phone numbers to log in, where other alternatives can work.

Avoid sharing your birth dates because decoding them helps attackers crack your**financial details**.

Taking regular backups , using updated software, and using secure networks are some other ways to[protect your data](/cybersecurity/email-security-remote-working-protecting-sensitive-data-cyber-threats)against any**cyber misuse**.

### Sources

- [IBM Cost of a Data Breach Report 2024](https://www.ibm.com/reports/data-breach) (2024)
- [Verizon 2024 Data Breach Investigations Report](https://www.verizon.com/business/resources/reports/dbir/) (2024)

## Topics

[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 4m  13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization  Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[  Foundational 4m  All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center  May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[  Foundational 4m  2021 Phishing Trends You Need To Be Wary Of  Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Is data theft the new normal in the ransomware ecosystem?","description":"Is data theft the new normal in the ransomware ecosystem?: One of the most notorious ransomware gangs across the globe, Lockbit, has warned Kash Patel, the.","url":"https://phishprotection.com/blog/is-data-theft-the-new-normal-in-the-ransomware-ecosystem/","datePublished":"2025-04-03T08:56:28.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2025-04-03T08:56:28.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/is-data-theft-the-new-normal-in-the-ransomware-ecosystem/"},"articleSection":"foundational","keywords":"Phishing","wordCount":562,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2025/04/spear-phishing-prevention-6973.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"Is data theft the new normal in the ransomware ecosystem?","item":"https://phishprotection.com/blog/is-data-theft-the-new-normal-in-the-ransomware-ecosystem/"}]}
```