Victims Are Rebuffing Ransomware Mass Data Theft Campaigns

Revenue From Supply-Chain Attacks by Clop Group Sharply Fell, Report Investigators Mathew J. Schwartz (euroinfosec) • February 4, 2026

The Clop digital extortion gang for years perfected a method for wringing tens of millions out of cybercrime. Find a zero-day flaw, often in file transfer software, swarm vulnerable networks and post online the sensitive data of any victim unwilling to pay for a promise of data deletion.

See Also: AI Pushes Cyberattacks to New Speed Levels

The Russian-speaking ransomware group pioneered the tactic. One 2023 campaign may have netted it as much as $100 million (see: Data Breach Toll Tied to Clop Group's MOVEit Attack Surges).

But the tactic of "zero-day downstream mass data extortion campaigns" is losing its ability to terrorize corporations into paying protection money to cybercriminals, finds ransomware incident response group Coveware.

By the time that Clop, which researchers also track as Cl0p, Ta505, Fin11 ...