A U.S. government entity reportedly paid a $1 million ransom to the Kairos cyber extortion group following a May 2025 data breach where over 2 terabytes of information were stolen. The extortion group initially demanded $3 million in cryptocurrency but settled for $1 million after a prolonged negotiation. The attack did not utilize file-encrypting ransomware, but the attackers pressured the victim with potential public exposure of the stolen data.
The impacted organization is believed to be Union County, Ohio, which later notified nearly 45,500 individuals about the breach affecting sensitive personal information. The incident underlines the challenges faced by smaller organizations in dealing with cyber extortion.