New extortion method started by Maze Ransomware is to steal files before encrypting them and then use them as leverage to get victims to pay the ransom. If a ransom is not paid, then the ransomware operators release the stolen files on a public ‘news’ site to expose the victim to government fines, lawsuits, and the risk of the attack being classified as a data breach. Other ransomware families including Sodinokibi, Nemty, and DoppelPaymer have stated that they would begin this practice as well.
Source: https://www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-launches-site-to-post-victims-data/