In late 2020, a cancer charity contacted the U.S.-based cybersecurity company, GroupSense, in a panic. One of the world’s largest cybercrime gangs had infiltrated the organization’s computer system and kidnapped its data. An ominously worded message explained that the hackers were willing to restore the nonprofit’s records in exchange for several million dollars.
The digital ambush thrust the charity into uncharted and potentially catastrophic territory. Paying the requested amount was unthinkable for a nonprofit group, and even if it were able to foot the bill, news of the breach trickling out to donors could be devastating. The organization eventually turned to GroupSense, which has carved a niche out of negotiating ransom payments between hackers and victims, for help.
“They were like, the number is so far off the mark that this seems hopeless. We’re doomed,” said Kurtis Minder, the company’s founder and CEO.