Maze ransomware group released e åfltrated data of Allied Uni ersal, after they refused to pay ransom 30% of ransomware attacks included a threat to release data 22% in ol ed e åfltration of data 12+ variants use “double extortion” 50% of ransomware attacks lead to data e åfltration 1,000+ companies worldwide suâfered data leaks follo ing a ransomware attack In Q2 2020, 30% of ransom are cases included a threat to release e åfltrated data and 22% of cases actuall in ol ed e åfltration of data. The number of ariants currentl using the “double e tortion” tactic has increased to o er a do en ariants in Q2 6 . In No ember 2020, it as published that 50% of ransom are attacks lead to data e åfltration 7 , and in December 2020, researchers found that more than 1,000 companies globally had their data leaked following a ransomware attack, leading them to predict that 2021 ill be the “ ear of e tortion”, since c bercriminals mo e from attacks focused on data encr ption to data e åfltration 8 . Furthermore, in some cases, it was observed that ransomware gangs even skipped the ransomware encryption stage and only threatened to publish the stolen data 9 . Our team conducted a statistical analysis of 1,112 cases of ransomware attacks carried out during 2020 that resulted in the publication of data e åfltrated from the ictims by the ransomware strain operators. Our analysis revealed that 21 groups were involved in ransomware attacks that resulted in the public release of the data e åfltrated from the ransom are attack ictims, in 2020. In addition, e identiåfed that the top si most acti e ransom are gangs in ol ed in these attacks (b the number of ictims) ere Ma e (260), Conti (176), Egregor (146), DoppelPa mer (130), NetWalker (98) and Re il (79), accounting together to 80% of the total ictims. Ma e ransom are, the gang that started the “double extortion” trend, leads the chart, even though they shut their operations in October 2020. https://healthitsecurit .com/ne s/50-of-ransom are-attacks-lead-to-data-e åfltration-pa ments-hit-234k https:// .acronis.com/en-us/blog/posts/acronis-c berthreats-report-2021- ill-be- ear-e tortion https://threatpost.com/ransom are-getting-ahead-ine itable-attack/162655/ https:// .co e are.com/blog/q2-2020-ransom are-marketplace-report 7. 8. 9. 6. No 2019 Dec 2020 Double extortion ransomware timeline 9 | The Ransomware Landscape