The Snatch ransomware group recently published a statement known as the ‘Public Notice,’ shifting the responsibility of losses caused by its actions onto others. The ransomware group claims to be a leak database that is open for public use, and it disowns the responsibility for data leaks. The group stated that it publicly posts the personal data and contacts of the people responsible for data leaks. Furthermore, they added that they have the right to publish any content even if it is confidential in nature on the dark web, without caring about the possible consequences. Snatch alleviated any responsibility for its website or the data they share, including the method used to acquire it.
The public notice also mentions the group’s readiness to provide exclusive information to buyers and cooperate with other groups and companies. However, in contrast to Snatch’s statement, Cl0p ransomware has communicated that it does not wish to talk to media regarding data leaks. The Cl0p ransomware group has also stated that they are set to release all stolen data or sell it to dealers for further misuse. Nevertheless, the group assured government and police service members that they don’t need to worry about the data leak as they were not leaking information belonging to them.
While law enforcement agencies and regulatory bodies are trying to implant refined and more stringent laws against data theft, such public notices do not provide any legal escape route for ransomware groups. It is expected that data and privacy laws will become more strict, with several US states joining California in its step forward in terms of implementing GDPR-inspired statutes in 2023.
The need for regulatory bodies to examine the commercial and non-commercial use of data is becoming more critical in the digital age. With the proliferation of this industry, companies must educate themselves on the dangers and take proactive measures to prevent data theft and breaches. Businesses must put in place adequate security protocols and frameworks and invest in appropriate personnel. While regulatory laws will help, the onus falls on organizations to ensure their compliance with data privacy rules.
Media Disclaimer: This report on Snatch ransomware group is for reference purposes only, and the Cyber Express assumes no liability for consequences of using this information. The report is based on internal and external research obtained through various means. Users bear full responsibility for relying on this information.