Level 37
Starting last year, ransomware operators have escalated their extortion strategies by stealing files from victims before encrypting their data. These stolen files are then used as further leverage to force victims to pay.

Many ransomware operators have created data leak sites to publicly shame their victims and publish the files they stole.
As this is now a standard tactic for ransomware, all attacks must be treated as a data breaches.

Below is a list of ransomware operations that have a dedicated site for leaking data stolen from their victims.

The list of ransomware with data leak sites

AKO Ransomware
AKO ransomware began operating in January 2020 when they started to target corporate networks with exposed remote desktop services.
... ... ...