Recently Garmin, a large company who make GPS units and other navigation devices, had a lot of their customer services taken offline due to data being encrypted by ransomware. They were asked to pay $10M USD to have the files decrypted. While what they paid has not be disclosed, they did end up paying to get access to a decryption key to access customer data.
After paying for the decryption key, Garmin received software to decrypt data and bring their customer services back online.
A large travel company CWT was also hit with ransomware and ended up paying around $4.5M in Bitcoin to recover their files.
I highly recommend checking out the chat logs between the company and the hackers where the negotiated release of their files.
One of the more interesting cases is when Radiohead had unreleased recordings stolen and held ransom unless they paid $150,000. While $150,000 doesn't seem like much compared to the other cases, the other companies were huge enterprise companies with far more revenue and a much larger budget.
The band didn't want these recordings released but instead of being held hostage, they released all the recordings online for sale for around $23 with all proceeds going to charity.
Ransomware is becoming more and more common and hackers are using cryptocurrencies like Bitcoin to maintain their anonymous. Many companies do not have proper offsite backups to protect against these threats and are forced to loose data and potentially their business or pay out millions to hackers.
Just two days ago Travelex filed bankruptcy after a ransomware attack took them offline for two and a half weeks.
Ransomware hackers target large enterprise businesses where spending a few millions to get their data back is more attractive than losing even a days worth of business.
In many cases just having a reliable off-site backup would have prevented these ransomware attacks from doing any real damage.
