[brippalcharrid]

    ... "lock" data in place rather than sell it to the highest bidder.

Why not both? And once the rightful owner of the data has paid a fat ransom, surely that's got to provide some kind of proof of its market value. The University did say that

    The attackers obtained some data as proof of their action

so unless they're logging their outbound traffic, who's to say they didn't exfiltrate all of it? It's the kind of thing that the University would remain tight-lipped about unless they were either sure that it hadn't happened (doubtful, seeing as they aren't running a tight ship) or had some kind of mandatory reporting obligation for the data.

[akiselev]

The data is worth that much to the university because they're critical to grant continuity - it'll be hard or impossible for their researchers to keep the money flowing without it. It's pretty much useless in everyone else's hands because those grants also depend on individual reputation and research history.