Mere data exfiltration is no longer a lucrative approach for ransomware groups, and threat actors may increasingly rely on encryption to regain leverage. In 2021, the group likely made tens of millions of dollars using this tactic in the Accellion campaign, when over 25% of the impacted organizations likely paid a ransom. Roughly 20% of the entities impacted by the GoAnywhere MFT hack also paid a ransom. In the subsequent campaigns, however, the victims’ willingness to pay dropped significantly: less than 2.5% of those affected by the MOVEit breach paid, and almost none paid in the Cleo and Oracle EBS incidents.Overall, ransom payments reached roughly 20% in the last three months of 2025, with high-value settlements driven purely by data exfiltration declining and payment magnitude influenced by incident impact. Can the hacking Industry drastically fall due to lack of willingness to pay ransom?
Previous Article
Pentagon blacklists Claude AI companyNext Article
EU open gateways to Indian students