Home / Technology

Photo of person at computer, laptop, cryptocurrency
Image: via media.thenextweb.com
Technology

US Government Pays $1M to Hackers to Keep Stolen Files Private

WireByte Staff · July 5, 2026

A US government entity paid $1 million to hackers to prevent the publication of stolen files, with clues pointing to Union County, Ohio, as the victim. The case highlights a new trend in ransomware, where hackers demand payment without encrypting files. The incident remains unconfirmed, but a previous ransomware attack in May 2025 affected 45,487 people.

Key points

  • A US government entity paid $1 million to hackers, known as Kairos, to keep stolen files private.
  • The case study, by Rakesh Krishnan for Ransom-ISAC, found no encryption or demand for a decryption key.
  • Clues point to Union County, Ohio, as the victim, but neither the county nor Kairos has confirmed the connection.
  • A previous ransomware attack in May 2025 affected 45,487 people, with data including Social Security numbers and passport details stolen.
  • The incident highlights a new trend in ransomware, where hackers demand payment without encrypting files.

US Government Pays $1M to Hackers to Keep Stolen Files Private

A recent case study by Ransom-ISAC has shed light on a new trend in ransomware, where hackers demand payment without encrypting files. The study, which analyzed a leaked negotiation chat and blockchain trail, found that a US government entity paid $1 million to hackers, known as Kairos, to keep stolen files private.

The case highlights the growing threat of ransomware, which has become a lucrative business for hackers. In this incident, the hackers did not encrypt the files, but instead demanded payment to prevent their publication. This new trend in ransomware is a worrying development, as it makes it easier for hackers to extort money from victims.

The study also found that the hackers may not be a traditional ransomware gang. The group behind the deal calls itself Kairos, but the study found no evidence of encryption or a demand for a decryption key. The clues point to Union County, Ohio, as the victim, but neither the county nor Kairos has confirmed the connection.

A previous ransomware attack in May 2025 affected 45,487 people, with data including Social Security numbers and passport details stolen. If the identification holds, a county of roughly 70,000 residents made a $1 million payment it never publicly disclosed. The incident highlights the need for better cybersecurity measures to prevent such attacks in the future.

Sources

WireByte Staff — Editorial Team

The WireByte editorial team synthesises technology news from multiple primary sources, verifies the facts, and links every source. Articles are produced with AI assistance and reviewed under our editorial policy.