Hacker News new | ask | show | jobs
by aboringusername 2151 days ago
Asks for ransom to delete data

Press release goes out, saying the data was "deleted"

Send another ransom, maybe 5 BTC, otherwise data is released

Insert taps on head meme
1 comments
toyg 2151 days ago
Second time around, there is no real incentive to pay - fool me once etc etc

Imho it’s much better to just sit on it for a few months, then hit the usual forums to market it as high-quality data.

link
TheOtherHobbes 2150 days ago
The incentive to pay is that it nukes Blackbaud's credibility and trustworthiness, and likely destroys the entire business.

To a criminal that's easily worth an ask of 5BTC - or perhaps x% of annual profits in perpetuity.

An extortion scam is likely to be worth more than the data.

link
toyg 2150 days ago
Reputational damage happens anyway, once news of the first breach/ransom goes out (which it will, it’s increasingly mandated by law). Second time around they might as well fold.

A prolonged extortion scheme can only be done on a low-scale highly-targeted basis, where you can ensure word doesn’t get out.

link