Chinese shopping platform Pandabuy told BleepingComputer it previously paid a a ransom demand to prevent stolen data from being leaked, only for the same threat actor to extort the company again this week.
It's bad business to not be honest and trustworthy. If a hacker group is known to always give back the data and not strike twice, they are obviously much more likely to get paid. No one's paying someone known for ripping off. We see this in company ransomwware all the time. They are friendly, helpful in explaining the breech, and professional. If they were the opposite, they'd be broke.
says someone who's business hasn't ever depended on data which has been locked. the idiocy in these comments is astounding. you always pay the ransom, get your business back (which only exists because of your data), then, lock it down. always. pay. the. ransom.
has worked 100% percent of the time (probably a dozen times) I've shepherded future clients who have called me for assistance, because all their customer information, vendor data, and billing was locked, and they didn't have backups. if you're fucked, you chalk it up to a business expense whether or not you get your data back. you pay the ranson, and you pray. then when you get access to your data again, you lock it down. always. everytime.
I mean news like this is the best way to stop people paying, I hope every business that doesn't pay sends the hackers this article and says this is why