It is not new but it is becoming much more common. Many hackers have found that information that is stolen, much like jewelry, has a poor resale value. An insurance company is more likely to pay more for the recovered jewelry than the thief can get for the stolen items at a pawn or private dealer – but you could get caught. This has been tried with expense art and jewelry and people (kidnapping) with some levels of success.
Well, extortion has come to data and for good reason. What data that is generally stolen that has any street value is generally either or both personal information and financial account information. This information is being stolen for limited personal use and resale in chat rooms etc.. to fraudsters. Typically the stolen information also gets stale very quick the victim knows the information is missing and reports the breach and theft and all victims are alerted and not the records are not good.
It is called data extortion and it is the data crime that is increasing by alarming rates. The only three defense are, good security – and there really is no good security, data encryption – a very good choice, or have nothing worth stealing on a network hooked to the internet or generally accessible at the place or work.
The reality is the response, or lack of a response, will cost you a 100,000 times more dollars than prevention.