medibank has had customer data stolen.
there are ransom demands. there are demands that the ransom be paid.
paying a ransom is pointless.
the thieves have a copy of the data.
medibank still has a copy of the data.
more copies of the data are appearing all over the web (dark or not)
here's the thing: electronic data can easily be copied -- and then there are two copies.
pay a ransom. the thieves will say, yes we will send back the data.
yet they -- and all their friends -- will still have a copy, or multiple copies, of as much of the data as they want. enough to continue their threats to publish.
once stolen, electronic data can never be un-stolen.
here's a better idea:
say that the ransom has been paid.
just say it. do not pay it.
let the thieves say they have not been paid. or that they have been paid. who cares. everyone knows that they are thieves and liars.
they lie when they claim that they will un steal the data. they lie when they claim that they are not paid.
who knows the truth. who cares.
the data has been stolen.
the data has been published.
pay a ransom and nothing has changed. except that thieves will be encouraged to steal more data.
not pay a ransom and... nothing gained, nothing lost, Nothing changed. whether the ransom is real, or not
...
--
Dr Nick Lethbridge / Consulting Dexitroboper
...
===
Dying for you to read my blog, at
https://notdotdeaddotyet.blogspot.com.au/ :-)
The word "boobs" is so scary until you get to the second "b". (Alfred E. Neumann