On January 24, 2026, the extortion group known as WorldLeaks publicly claimed it had obtained more than 1.4 terabytes (188,347 files) of corporate data from a global sportwear brand. Instead of encrypting systems or disrupting operations, the group focused solely on data exfiltration and threatened public disclosure unless a ransom was paid.
What stood out was not only the volume of data involved, but also the method itself. The attack did not rely on traditional ransomware tactics. There was no widespread system outage, no visible encryption, and no immediate operational disruption. The leverage came entirely from the possession of sensitive data.
This incident reflects a broader shift in cybercrime: extortion is no longer centered on ransomware alone. Threat actors are increasingly adopting Extortion-as-a-Service (EaaS), a scalable model where stealing and monetizing data takes priority over locking systems.
Extortion-as-a-Service reflects a structural change in cybercrime economics. Data, not downtime, is now the primary asset being monetized. For security leaders, the implication is clear: data-centric security and backup solutions ensure that sensitive information remains protected, governed, and controllable even in worst-case scenarios.