A week after Ukrainian law enforcement arrested six suspects linked to the popular ransomware group cIOp, the group released a new batch of stolen data.
The data included employee records such as employment verification for loan applications and documents from workers whose wages were garnished.
While this move by the ransomware group suggests that the arrested suspects do not include core leaders of the organization, but affiliated companies or others who play a lesser role, it also confirms the limit of ransomware attacks.
These include the group that maintains the ransomware group and the infrastructure on which it runs, and also the second unit that is a team of hackers who rents out the Ransomware and shares the revenue with the maintainers.
The fact that these two entities know little or nothing about each other shows that the arrest of one group will not hinder the work of the other.
For more information, read the original story in Arstechnica.