[mywittyname]

If they restored from backup, how do they know the attack wouldn't hit again immediately? The ransom wasn't just to decrypt the data, but to halt the attack.

> More importantly, would the hack have happened in first place if they knew there was no chance of being paid?

Why wouldn't it? They could easily been paid by another group to perform the hack, used the hack to manipulate stock prices, sold the stolen financial data, or, most likely, the ransom would have been paid indirectly though some other means, like hiring a "cyber security consultant."