Ransomware crimes in recent months have undergone a game-changing transformation that carries higher stakes for victim companies than earlier forms of these attacks, according to speakers at Cybersecurity Docket’s recent Incident Response Forum. The Maze network and other cyber extortionists are not just locking up victims’ files with ransomware to make them unusable, but also to extract sensitive company data. The attackers then threaten to publish the data and to publicly trumpet their successful attack unless the victim pays the ransom. Panelists from Alston & Bird, the DOJ and Sard Verbinnen discussed the new wave of data-stealing ransomware attacks, and detailed specific steps business can take to prepare and respond to a combined ransomware attack and data breach. See “DOJ Guidance on How Companies Should Pursue Stolen Data on the Dark Web” (Apr. 8, 2020).