The Snatch ransomware group has published a ‘Public Notice,’ saying that it should not be held accountable for losses caused by its actions. Among other statements, Snatch’s public notice said that it is a leakage database that is open for public use.
What Snatch’s public notice read
Snatch’s public notice stated that it does not assume responsibility for what it shares on its website including the data from cyber attacks and the method it acquires the information.
Assuring cooperation with other groups and companies, the ransomware group said that it would provide exclusive information for further use to buyers. “The information source should in that case refuse to carry any responsibility for this information,” Snatch’s public notice clarified.
The fourth point in the Snatch ransomware group’s public notice stated that the group was ready to publish any content be it confidential in nature on the dark web, while ignoring the possible consequences.
“All responsibility for the publication lies upon the persons who made the information leakage possible from the sources they have been entrusted with,” the public notice by Snatch further said.
Disowning the responsibility for data leaks, Snatch’s public notice said that they publicly post the personal data and contacts of the personalities who are responsible for the data leak and those who made it possible.
The group claimed that they have the right to the first publication despite all the information on their website being open for public use which is free to be reused.
Snatch open to dialogue with the media
In Snatch’s public notice, the ransomware group asserted that it is open to collaborating with the media to talk about data leaks and make them known to the masses. Moreover, it read that they are open to dialogue with the targets of the cyber attack to solve the situation.
The public notice read that they can be reached in their confidential chat room.
Cl0p ransomware group’s statement about media interactions
While the Snatch ransomware group stated they are open to discussing data leaks and having buyers interact with them about stolen data, Cl0p had a different say. In its communication about the MOVEit data leak deadline, the ransomware group posted that they do not want to talk to the media.
In the Cl0p ransomware group’s post about the extension of the deadline which incidentally falls today, June 14, the group wrote, “We do not wish to speak to Media or Researchers. Leave.” The group is set to release all the stolen data or sell it to dealers for further misuse according to its post on its website.
However, the group also pleaded that government and police service members need not worry about the data leak as they were not leaking information belonging to them.
“PS. If you are a government, city, or police service, do not worry. We erased all your data. You do not need to contact us. We have no interest to expose such information,” the Cl0p ransomware’s statement concluded.
Data and privacy laws to get stricter
While law enforcement agencies and regulatory bodies are busy implanting refined and more stringent rules against data theft, such public notices for various reasons including legal actions do not serve as a legitimate escape route.
Regulations applying to education, health, financial data, and others are expected to become stricter, with several US states joining California in its step forward. “Following California’s lead, four other states — Colorado, Connecticut, Utah, and Virginia — will begin enforcing new GDPR-inspired statutes in 2023,” a Reuters report noted.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.