22 Mar We Were Blackmailed… What To Do Next

“What should I do?” — First of all: is there any proof for the “hack” and stolen information? If not, the victim should demand some proof. Just like in kidnapping: no ransom without a sign of life from the kidnapped. We doubt there’s anything to back this up.

Also a few things can be done to improve email’s security:

• Two-factor authentication: demands a PIN code to be entered when registering a new phone to the number. This can be done in the app’s settings. Notice that if you have a 2FA in your devices, it’s pretty impossible that somebody gets into your systems because everybody will need a token and you’d have received a code in case somebody it’s trying to enter.
• Checking the list of sessions for your email accounts. Terminate those sessions that you don’t recognize (or just all of them). This is also done through the app’s settings.
• Do not give in to the demands. It is practically impossible to prove that no other copies of the logs exist.So if a blackmailer is threatening the release of information, there is no way to be sure that all information will be destroyed upon payment of the ransom. It would be prudent not to trust a criminal in those matters. Giving in just opens the door to subsequent demands.
• Ask other companies of your same target in your community: In that way you will check if you were the only one being blackmailed, or there are other victims, if you pick the second option, then you can organize collective actions and raise awareness about blackmailing.
• Prepare your employees: Share educational content with them in this matter, so they will react properly and avoid falling in this tramp. Remember, the more prepared your employees are the stronger your company.