Ransomware Data Disclosure Trends

In a first of its kind report, Rapid7 uses proprietary data from the clear, deep, and dark web to analyze the disclosure layer of double extortion ransomware attacks. What exactly does that mean? Our analysts and researchers identify the types of data attackers disclose to coerce victims into paying ransom. They also explore the level of sophistication used in determining which data to disclose and when.

In this report you will learn:
• The most common types of data attackers disclosed in some of the most highly affected industries and how they differ.
• How leaked data differs by threat actor group and target industry.
• The current state of the ransomware market share among threat actors and how that has changed over time.