Data Theft: Why Hackers Don’t Bother Locking Your Files Anymore – They Just Steal Them

Remember when ransomware was simple? Hackers would sneak into your systems, encrypt everything, and demand a fee to unlock it. It was digital burglary with a crowbar. If you had good backups, you could tell them to get lost. If you didn’t, you paid up and hoped for the best.

But cybercriminals have moved on. They’ve realised encrypting your files is a lot of work and not always profitable. What’s easier and more lucrative? Stealing your data outright and blackmailing you with it. According to Forbes, the average demand for keeping stolen data private is now £475,000.

Data Theft Ransomware: The New Normal

This shift makes perfect sense for attackers. Encrypting files relies on you not having good backups. But stealing data? That hits regardless of how well you back up. Once they’ve got your data, you have no way to get it back. All you have is their word (which isn’t worth much).

It’s like a kidnapper offering to return your child’s baby photos after making copies. You can pay to keep them quiet, but they still own the photos, and they can sell them to anyone.

£475,000 — What Does That Buy You?

That average ransom of nearly half a million pounds is the cost of silence. Pay up and hope your data stays out of public view. But there’s a catch — paying doesn’t mean they won’t leak or sell it anyway.

Some gangs operate on a double-dip strategy — demand a ransom from you, then make extra cash selling your data to criminal marketplaces regardless. After all, why not milk every drop from the job?

Why Is Data Theft So Powerful?

1. Backups Don’t Save You

With old-school ransomware, backups were your escape hatch. You could just restore and carry on. But data theft? You can’t restore your way out of stolen data. Once it’s in their hands, it’s out of yours forever.

2. GDPR and ICO Penalties

Under GDPR, losing customer data means reporting the breach — and that can mean fines, investigations, and public exposure. The Information Commissioner’s Office (ICO) has no sense of humour when it comes to data protection failures. Hackers know this and use it to ramp up the pressure.

3. Public Embarrassment

Most ransomware gangs aren’t subtle. If you don’t pay, they publish proof they’ve got your data. Payroll spreadsheets, internal emails, customer lists — all up for public viewing. That’s a PR disaster waiting to happen.

Small Businesses Beware

If you’re thinking, “This only happens to big companies,” think again. Small businesses are prime targets. Attackers know smaller firms usually have weaker security, fewer resources, and a mistaken belief that they’re too small to matter.

Criminals also know small businesses rely heavily on trust. If a local law firm or accountancy practice gets hacked and leaks client data, the reputation damage alone could shut the doors.

This is why Cyber Essentials exists — a simple government-backed scheme to help small businesses get the basics of cyber security right. If you’re still thinking, “We’ll sort that later,” remember: later is hacker time.

What Data Do They Want?

The short version? Anything embarrassing, valuable, or useful for further crime. That could be:

  • Customer lists (ideal for targeted scams)

  • Financial data (for phishing or fraud)

  • HR files (great for blackmail)

  • Emails (for juicy gossip and insider information)

  • Intellectual property (patents, plans, product secrets)

If it would hurt to see it online, it’s worth stealing.

Prevention Costs Less Than Ransom

There’s one cybersecurity truth that never changes: Prevention is cheaper than recovery.

Spending a few thousand pounds on proper security is always going to beat paying £475,000 to criminals after the fact. It’s also less stressful, more predictable, and keeps your name out of the news for all the wrong reasons.

Simple measures like:

  • Keeping software up to date

  • Using multi-factor authentication

  • Training staff to spot phishing emails

  • Limiting who can access sensitive data

  • Getting Cyber Essentials certified

All of that adds up to a lot less pain than writing a cheque to Russian cybercriminals.

Boards Need to Wake Up

Cybercrime isn’t just a tech issue — it’s a board-level risk. If directors aren’t actively asking about cyber security, they’re leaving the business wide open.

Here are some questions every board should be asking:

  • What data do we hold that’s valuable?

  • How do we protect it?

  • What happens if we’re breached?

  • How fast can we spot and stop an attack?

  • Are our suppliers secure?

If the answers are vague, inconsistent, or filled with wishful thinking, that’s your warning sign.

The Future: Ransomware Gets Professional

Modern ransomware gangs run like businesses. They have customer service teams, price lists, and even early payment discounts.

Gone are the days of random infections. Today’s attacks are targeted. Criminals do their homework, profile their victims, and tailor their demands to what they think you can afford.

For them, it’s not personal. It’s just business.

Final Thought: Cyber Essentials Is Your First Step

If there’s one thing you should do today, it’s this: Get Cyber Essentials certification.

It’s not bulletproof, but it puts basic security measures in place that stop the majority of attacks cold. It’s also fast becoming a requirement for working with larger firms and public sector clients.

So if you want to avoid paying £475,000 to some anonymous hacker, start by spending a lot less on good security now.

Because when it comes to ransomware, prevention isn’t just cheaper — it’s smarter.

Sources

Forbes Article (2025): Data theft is the new normal in ransomware. https://www.forbes.com/sites/daveywinder/2025/02/26/data-theft-is-the-ransomware-new-normal-extortion-demands-average-600000/
ICO Guidance: Reporting personal data breaches under GDPR. https://ico.org.uk/for-organisations/guide-to-data-protection/what-is-personal-data/
NCSC Cyber Essentials: UK Government's Cyber Essentials scheme. https://www.ncsc.gov.uk/cyberessentials/

Noel Bradford

Noel Bradford – Head of Technology at Equate Group, Professional Bullshit Detector, and Full-Time IT Cynic

As Head of Technology at Equate Group, my job description is technically “keeping the lights on,” but in reality, it’s more like “stopping people from setting their own house on fire.” With over 40 years in tech, I’ve seen every IT horror story imaginable—most of them self-inflicted by people who think cybersecurity is just installing antivirus and praying to Saint Norton.

I specialise in cybersecurity for UK businesses, which usually means explaining the difference between ‘MFA’ and ‘WTF’ to directors who still write their passwords on Post-it notes. On Tuesdays, I also help further education colleges navigate Cyber Essentials certification, a process so unnecessarily painful it makes root canal surgery look fun.

My natural habitat? Server rooms held together with zip ties and misplaced optimism, where every cable run is a “temporary fix” from 2012. My mortal enemies? Unmanaged switches, backups that only exist in someone’s imagination, and users who think clicking “Enable Macros” is just fine because it makes the spreadsheet work.

I’m blunt, sarcastic, and genuinely allergic to bullshit. If you want gentle hand-holding and reassuring corporate waffle, you’re in the wrong place. If you want someone who’ll fix your IT, tell you exactly why it broke, and throw in some unsolicited life advice, I’m your man.

Technology isn’t hard. People make it hard. And they make me drink.

https://noelbradford.com