It is clear, over the last year or so, cybercriminals have evolved. Originally the goal was to lock up data with a ransomware attack and demand money to return it.
Cybercriminals are now locking up data or potentially stealing data and then asking for a ransom to unlock the data and to keep the stolen data from being sold or published - this increases their rewards by threatening people with exposure of data on top of holding the data hostage.
This new wave of cybercriminals may be targeting the clients of the organization whose data has been breached. The article below, has some interesting perspectives on this type of attack damaging the reputation of an industry.
Vastaamo breach: Is Blackmailing individual customers the next extortion trend?
Source: www.scmagazine.com