Recently, the ethical debate over ransomware payments has intensified, following numerous high-profile incidents. The sad reality for victims is that it costs more to not pay for a ransomware claim due to loss of business, damage to reputation, and the cost of rebuilding a network.
This is mainly the reason why ransom demands have exploded recently. A study by Palo Alto Networks found that the average payout increased 171% in 2020 compared to 2019. It was even reported that the DarkSide ransomware gang had pulled out for $ 90 million in Bitcoin.
Safety Info has compiled a list of the most significant ransomware payments confirmed, or at least widely reported at the time of writing. Notably, most of the incidents took place in the past 18 months. Yet in the murky world of ransomware, many payments go unofficially confirmed, and it is plausible that other payments have taken place that are not public knowledge.
1. CNA Financial (2021) – $ 40 million
One of America’s largest insurance companies, CNA Financial, has reportedly agreed to pay $ 40 million after its computer systems were locked down and data stolen by malicious actors. This is by far the biggest ransomware payout known to date.
2. JBS Foods (2021) – $ 11 million
In June 2021, meat processing company JBS Foods confirmed that it had paid its extortionists $ 11 million, which it said was necessary to “alleviate any unforeseen issues related to the attack and ensure that no data is not exfiltrated “.
3. Blackbaud (2020) – $ 10 million
It was reported last year that US cloud computing company Blackbaud paid attackers $ 10 million after being hit by a combined ransomware and data breach attack. The incident is believed to have led to the compromise of personal information at a number of academic institutions and charities.
4. Garmin (2020) – $ 10 million
Unconfirmed reports circulated last year that the personal fitness giant allegedly paid its extortionists $ 10 million following a cyberattack that forced its website and mobile app to shut down.
5. Global CWT (2020) – $ 4.5 million
US travel management firm CWT Global paid hackers $ 4.5 million after highly sensitive information was stolen and 30,000 computers were taken offline.
6. Brenntag (2021) – $ 4.4 million
The German chemicals distribution company reportedly paid a ransom of $ 4.4 million after the DarkSide ransomware gang encrypted the company’s devices and stole up to 150 GB of data from its North American division.
7. Colonial pipeline (2021) – $ 4.4 million
Notorious attacks on Colonial Pipeline in May 2021 forced America’s largest fuel pipeline offline for five days. A ransom of $ 4.4 million was later paid to the DarkSide gang by the company, but, encouragingly, the majority of the funds were recovered by the US Department of Justice.
8. Travelex (2020) – $ 2.3 million
The exchange firm’s systems were taken offline for almost two weeks in early 2020, and its services were only restored after a massive payment was sent to attackers. The incident reportedly contributed to Travelex’s administration in August 2020.
9. Internet Nayana (2017) – $ 1.14 million
The only incident on the list to have occurred before 2020. In 2017, Korean web hosting company Nayana paid what was, at the time, a record ransom to
hackers after more than half of its servers were destroyed in an attack.
10. Kingdom of California, San Francisco (2020) – $ 1.14 million
Last year, the famous American university confirmed that it paid the Netwalker ransomware gang $ 1.14 million after encrypting critical academic data related to its research into COVID-19.