“Based on the company information, the data held has very little value to the attackers, which is likely why they have turned to extortion. Obtaining this data and using it to blackmail data controllers will likely be a rising trend due to the GDPRs fines and the limited understanding of what the fines are based on. Data which earlier held little or no financial value to an attacker can now, due to the legislation put in place to protect it, be financially more interesting for attackers to obtain."
Read the full Martin's comment below:
