en

Top 5 Companies That Refused to Pay Hackers a Ransom

Top 5 Companies That Refused to Pay Hackers a Ransom
Datami Newsroom
Datami Newsroom Datami Newsroom
Jul 4, 2025 3 min

At the end of May 2025, the largest cryptocurrency exchange in the U.S., Coinbase, became the target of a hacker attack. The attackers copied customers' personal data and then began contacting them while impersonating Coinbase, coercing users into transferring cryptocurrency. The hackers also demanded a ransom directly from the exchange - but were met with a firm response: Coinbase refused to pay the $20 million and sought help from law enforcement.

This is a striking example of a company standing its ground against cybercriminals. Let’s take a look at several other similar cases where businesses chose resistance over ransom.

  1. LockerGoga ransomware attack on Norsk Hydro

In March 2019, Norwegian aluminum producer Norsk Hydro was hit by the LockerGoga ransomware. This malware operated unusually: it didn’t rely on phishing and only spread based on direct hacker commands - and it was highly destructive. Despite the scale of the attack, Norsk Hydro refused to pay the ransom and spent three weeks recovering its systems independently. The total damages exceeded $70 million.

  1. Major data breach at Latitude Financial

Australian financial services company Latitude Financial declined to pay a ransom to hackers who breached its systems in March 2023. The attackers gained access to the personal data of 14 million customers. Nevertheless, Latitude chose not to negotiate with the criminals. The company’s financial losses were estimated at $76 million.

Close-up of a computer monitor showing a blinking “Hacked System Alert” message in red text, warning of a cyberattack and security breach.

  1. CD projekt SA data breach

In February 2021, game developer CD Projekt Red was targeted by a ransomware attack. Hackers gained access to a significant amount of corporate and player data, but the company firmly refused to pay the ransom. Later, it was revealed that the stolen data was sold on the dark web for $7 million, though the buyer’s identity remains unknown.

  1. Cyberattack on Ritzau news agency

In November 2020, Denmark’s news agency Ritzau was hit by ransomware that infected its servers and halted newsroom operations. To resolve the crisis, Ritzau hired an external digital forensics firm. The exact amount of financial loss was never disclosed. The ransom demand also remained unknown, as the company never opened the hacker's message. As a result, the identity of the perpetrators also remains a mystery.

  1. Rhysida ransomware attack on port of Seattle

In August 2024, the Port of Seattle was attacked by the Rhysida ransomware group. Hackers gained access to computers and encrypted critical data. The disruption impacted multiple services at Seattle-Tacoma International Airport (Sea-Tac), forcing staff to revert to manual operations. Some maritime activities at the port were also delayed. However, no ransom was paid, and the port did not disclose the extent of its financial losses.

free_consultation

Fill out the form below, and we’ll get in touch with you right away to discuss a plan to protect your business!

Updated: 04.07.2025
(0 assessments, average 0/5.0)

Related content

TOP 5 Largest Cryptocurrency Hacks in History Datami Newsroom
Datami Newsroom

TOP 5 Largest Cryptocurrency Hacks in History

The cryptocurrency industry is still in its formative stage, and its highly complex technologies are not always adequately protected. In addition, inexperienced users often make serious mistakes in securing their assets. This creates various opportunities

Jun 3, 2025 4 min
Datami at the Barcelona Cybersecurity Congress 2025: New Horizons in Cybersecurity Datami Newsroom
Datami Newsroom

Datami at the Barcelona Cybersecurity Congress 2025: New Horizons in Cybersecurity

Datami took part in the Barcelona Cybersecurity Congress 2025, one of Europe’s key events dedicated to cybersecurity innovations and technologies.

Jun 3, 2025
Over 480,000 Catholic Health Patients Affected by Personal Data Breach Datami Newsroom
Datami Newsroom

Over 480,000 Catholic Health Patients Affected by Personal Data Breach

The Catholic Health network, which provides medical services to residents of Western New York (USA), has reported a major data breach. As a result, confidential information about 483,000 patients was exposed and became publicly accessible on the internet.

Jun 3, 2025 3 min
Top 10 Cyberattacks That Brought Global Corporations to a Halt Datami Newsroom
Datami Newsroom

Top 10 Cyberattacks That Brought Global Corporations to a Halt

Cyberattacks today pose a serious threat not only to individual users but also to global corporations. Criminals use increasingly sophisticated methods, causing companies billions in losses and disrupting the operation of critical systems.

Jun 17, 2025 3 min
Antivirus Is Not a Shield: Why You Can’t Do Without Pentesting Datami Newsroom
Datami Newsroom

Antivirus Is Not a Shield: Why You Can’t Do Without Pentesting

Among companies, there is a common belief that installing antivirus software provides a sufficient level of security. This stems from the popularity of antivirus solutions, which are an important part of protection, but do not cover all threats.

Jun 23, 2025 3 min
Why Your Smartphone Is at Risk: 5 Common Myths About Mobile Security Datami Newsroom
Datami Newsroom

Why Your Smartphone Is at Risk: 5 Common Myths About Mobile Security

Most of us take careful care of our smartphones, protecting them from scratches, drops, or other physical damage. But when it comes to digital security, many people ignore potential threats. Cybercriminals eagerly take advantage of this negligence...

Jun 3, 2025 5 min
Back to home page
Order a free consultation
We value your privacy
We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies. Cookie policy