The operators of the Sodinokibi Ransomware (REvil) have started urging affiliates to copy their victim’s data before encrypting computers so it can be used as leverage on a new data leak site that is being launched soon. According to the post shared with BleepingComputer by Damian, the ransomware operators have finished a ‘blog’ that will be used to distribute unpaid victim’s stolen data, with some data like Social Security numbers being held back to be sold on dark markets for a ‘fairly high rate of return’
Source: https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-may-tip-nasdaq-on-attacks-to-hurt-stock-prices/