---
title: "The News Gets Worse for Victims of Ransomware | Phish Protection"
description: "Hackers using ransomware to extort money from victims used to have a fairly straightforward playbook: gain access to the victims data."
image: "https://phishprotection.com/og/blog/the-news-gets-worse-for-victims-of-ransomware.png"
canonical: "https://phishprotection.com/blog/the-news-gets-worse-for-victims-of-ransomware/"
---

Quick Answer

Hackers using \*\*ransomware to extort money\*\* from victims used to have a fairly straightforward playbook: \_gain access to the victims data, encrypt it and promise to decrypt it for the ransom\_. That by itself caused all kinds of havoc.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-news-gets-worse-for-victims-of-ransomware%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=The%20News%20Gets%20Worse%20for%20Victims%20of%20Ransomware&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-news-gets-worse-for-victims-of-ransomware%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-news-gets-worse-for-victims-of-ransomware%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-news-gets-worse-for-victims-of-ransomware%2F&title=The%20News%20Gets%20Worse%20for%20Victims%20of%20Ransomware "Share on Reddit") [ ](mailto:?subject=The%20News%20Gets%20Worse%20for%20Victims%20of%20Ransomware&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-news-gets-worse-for-victims-of-ransomware%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/01/anti-phishing-software-9458.jpg) 

Hackers using **ransomware to extort money** from victims used to have a fairly straightforward playbook: _gain access to the victims data, encrypt it and promise to decrypt it for the ransom_. That by itself caused all kinds of havoc.

From [Laporte, Indiana to Baltimore, Maryland](/blog/what-to-do-if-youre-hit-by-ransomware/), companies and municipalities found themselves scrambling to figure out how to decrypt their own data, or whether or not they should pay the ransom. And as bad as things got, these victims still had one thing going for them. _While they couldn’t get to their data, nobody else could either, so at least it was safe from widespread public disclosure_. Not anymore.

According to Bleeping Computer, there has now been a series of **three different ransomware attacks**, [Sodinokibi](https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-publishes-stolen-data-for-the-first-time/), [Maze](https://www.bleepingcomputer.com/news/security/allied-universal-breached-by-maze-ransomware-stolen-data-leaked/), and now the latest one, [Nemty](https://www.bleepingcomputer.com/news/security/nemty-ransomware-to-start-leaking-non-paying-victims-data/), which plan to leak data if the ransom isn’t paid. And if you don’t think these **hackers are serious**, “_the operators behind the Sodinokibi Ransomware have released files stolen from one of their victims because a ransom was not paid in time_.” The victim? “Artech Information Systems, who describe themselves as a minority- and women-owned diversity supplier and one of the largest IT staffing companies in the U.S.”

Do these attackers release all the data at once. Not a chance. _They always keep some for leverage_. For instance, “After a deadline was missed for receiving a ransom payment, the group behind Maze Ransomware has published almost 700 MB worth of data and files stolen from security staffing firm Allied Universal. _We are told this is only 10% of the total files stolen and the rest will be released if a payment is not made_.”

This new **ransomware attack** method puts victims at double risk if they try and keep the attacks quiet. “_By trying to hide these attacks, and the theft of employee, company, and customer data, companies are not only risking fines and lawsuits but are also putting personal data at risk_.”

The really bad news? “_This practice of using stolen data as leverage is not going to go away and is only going to get worse_. Expect to see more ransomware operators began to utilize this practice as it becomes the norm in attacks.”

![Anti phishing software](https://media.mailhop.org/phishprotection/images/2020/01/anti-phishing-software-9458.jpg) 

Has there ever been a better reason to invest in [phishing protection software](/)? No matter what a company pays for email security, it will have a large return on investment (ROI) when compared to the alternative. The crazy thing is, _**phishing protection** software doesn’t even cost that much_. Only pennies per month per employee. Do you think the folks at Artech Information Systems or Allied Universal wish they had made that investment?

Don’t wait to discover how awful this new generation of ransomware attacks is, Make the small investment in [Phish Protection](/) with [Advanced Threat Defense](/products/advanced-threat-defense/). It comes with real-time link click protection, malicious attachment blocking and sets up in 10 minutes. _It requires no hardware, no software, no maintenance and works with all major email providers_. Now is the time. Request a demo right [here](/book-a-demo/).

## Topics

[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 4m  13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization  Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[  Foundational 4m  All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center  May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[  Foundational 4m  2021 Phishing Trends You Need To Be Wary Of  Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"The News Gets Worse for Victims of Ransomware","description":"Hackers using ransomware to extort money from victims used to have a fairly straightforward playbook: gain access to the victims data.","url":"https://phishprotection.com/blog/the-news-gets-worse-for-victims-of-ransomware/","datePublished":"2020-01-22T11:18:09.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-01-22T11:18:09.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/the-news-gets-worse-for-victims-of-ransomware/"},"articleSection":"foundational","keywords":"Phishing","wordCount":508,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/01/anti-phishing-software-9458.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"The News Gets Worse for Victims of Ransomware","item":"https://phishprotection.com/blog/the-news-gets-worse-for-victims-of-ransomware/"}]}
```