• Home
  • News
  • Inc Ransom Has Breached US-Based Maryhaven

Inc Ransom Has Breached US-Based Maryhaven

Bogdan Pătru

By Bogdan Pătru . 23 June 2024

Tech Writer

Miklos Zoltan

Fact-Checked this

Inc Ransom has announced another victim recently. This time, it’s the US-based Maryhaven, an enterprise providing behavioral health services in Columbus, Ohio. No other details have been posted about the operation.

  • Inc Ransom is known to use the double extortion tactic to coerce the victims into negotiating
  • The hackers present themselves as cybersecurity experts to trick the victims into paying the ransom
  • The gang is very active, typically producing at least a victim per day, although not consistently
  • Maryhaven hasn’t commented on the recent attack, so it’s unclear how they’ve decided to approach the matter

Ransomware actors have become extremely active over the past year, seemingly because of the victims being more willing to pay the ransom. Which might seem absurd at first. Why would anyone pay the ransom?

There are several reasons for that. The first is to gain access to the decryptor, given that ransomware hackers will almost always encrypt the victim’s system. Without the decryptor, the victim may lose all of the data recorded on the machine.

X showing the INC RANSOM attack on Maryheaven

Another reason is because of the direct effects of having the stolen data exposed publicly. It’s understandable why most victims would mind if that were to happen.

Finally, there’s a third reason, which is the legal implication of experiencing a ransomware breach. That’s because service providers are responsible for their staff and clients’ data. Any system breach will make them directly liable.

It’s no wonder why so many victims decide to pay. Unfortunately, as cybersecurity analysts explain, paying the ransom doesn’t do much. On the contrary, it could have the opposite effect.

Should You Pay Inc Ransom?

The short answer is no. In theory, the hackers are supposed to provide the victim with the decryptor and delete the stolen data after the ransom is paid. In practice, that is rarely the case.

The attackers will offer the decryptor, but they will rarely dispose of the stolen data. Instead, they prefer to either keep it to themselves for later use, or sell it to other cybercriminal gangs. And the worst part about it is that the victim can’t verify that.

So, whether you’re paying the ransom or not, the truth is that the data is most likely reaching third-party actors anyway. This explains why ransomware victims are often coerced by different actors and even breached multiple times in a row.

Then there’s another problem worth discussing. Paying the ransom will immediately mark you as vulnerable. The hackers now know that you’re willing to pay big to protect your data from reaching the public eye.

This means it’s highly likely that the hackers will target you again in the future. Other ransomware gangs will to, because the word spreads like wildfire on the Dark Web.

So, what should you do if you get breached? The standard advice is: do not pay the ransom and do not negotiate. The situation is obviously more nuanced than that, since not everybody can subscribe to that for a variety of reasons.

But it’s worth being aware of the consequences of paying.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment