I think I'd agree with the end of the article. If the only reason you're paying them is to prevent a data leak, what's to stop them from accepting the ransom and still leaking the data?
What is to stop them from acting like a blackmailer and going back for more later? Technically all they need is for giving money to "help" short term to maintain their "reputation". It is a danegelt situation.