Why some companies are paying ransom to cybercriminals for data breaches stealing personal info

By Ann Pistone and Jason Knowles
Tuesday, August 6, 2024
More companies are choosing to pay the ransom demanded by cybercriminals in data breaches that steal your personal information. But does it work?

CHICAGO (WLS) -- As threats from cybercriminals targeting companies that hold personal information continue to rise, some companies are making a surprising move to protect your privacy.

Despite advice from authorities, experts say some companies are choosing to pay the ransom when they're hacked.

"I think that there's been a realization over the years that there are certain circumstances which might deem it necessary to consider a ransom payment," said Mark Lance from GuidePoint Security. "That could be because there's no longer access to data."

Lance said he's helped thousands of businesses, governments and non-profits negotiate ransom when businesses and their information are held hostage. His firm's latest report says that there have been almost 2,200 ransomware attacks on businesses nationwide so far this year.

"It might be because their data is encrypted, and they no longer have access to systems. And they need that information. And we've also seen instances where it might be more cost effective for them," Lance said.

There have been several local cases of ransomware attacks, notably the January hack into Lurie Children's Hospital. Lurie Children's said that some patient information, like medical conditions and Social Security numbers, was impacted. However, in this case they did not pay the ransom.

"Experts have advised that making a payment to cybercriminals does not guarantee the deletion or retrieval of data that has been taken. Once our investigation team identified an amount of data that was impacted by the cybercriminals, we worked closely with law enforcement to retrieve that data," the hospital told the I-Team.

So what should you do if you are personally targeted?

"The general best practice is to not make payments, because there's nothing to hold them accountable," Lance said.

He added that large cybercriminal organizations that target big businesses typically agree to the terms of the ransom to protect their reputations, but scammers targeting individuals will likely not keep their word and ask for even more money.

The FBI said it does not support anyone paying a ransom, saying it does not guarantee that data will be retrieved. They said ransom deals encourage criminals to target other victims. Instead, report crimes to the FBI.

If your consumer information was compromised in a company's data breach, ask if they will offer you free credit monitoring services like Lurie Children's Hospital is doing.