US county paid $1M to Kairos after demanding proof of deletion could not be verified
Leaked May-June 2025 talks show $1 million bought promises, not independently verifiable deletion, raising re-extortion risk.

A leaked negotiation transcript, described in a Ransom-ISAC case study by threat-intel researcher Rakesh Krishnan, says a US county paid Kairos $1 million after earlier demands of $3 million and multiple counters. The incident matters to decision-makers because the county reportedly never received independently verifiable proof that stolen files were deleted, meaning the data could still surface.
A US county reportedly paid $1 million to cybercriminal extortion gang Kairos after the attackers demanded the money and provided claims about deletion. The twist: the county allegedly never received independently verifiable proof that the stolen files were actually deleted, just a set of assurances in the negotiation thread.
The leaked negotiations played out in May and June 2025, according to a case study by threat-intel researcher Rakesh Krishnan on Ransom-ISAC, a knowledge-sharing platform for defenders and incident responders. Krishnan based the report on a leaked transcript of talks between the county and Kairos, plus attacker-provided artifacts, screenshots, and payment-tracing evidence on the blockchain. The report does not name the ransomware negotiator or identify the victim by name, but it describes it as a US government entity, and other details in the communications suggest it was a county.
According to the leaked transcript, Kairos started with a $3 million demand after listing the victim on its “name-and-shame” blog. The attackers offered a partial look: “We will give you the full list of files we have and give you some time to study it,” then said the county could “choose up to 10 files” and the crew would “send them to you.” To stop publication, Kairos demanded $3,000,000. In response, county officials said they had “reviewed the situation with our leadership and financial teams” and, as “a small county with very limited resources,” could not meet the amount. They offered $100,000 and asked the criminals to consider it.
Kairos did not soften. The attackers replied: “You are wasting our time with such offers. We cant accept it.” They doubled down on the threat model, saying the files would be “a great advertisement” on the group’s site and that “terrible consequences will await you.” In the transcript, Kairos also gave the county a deadline, claiming the county had “two more days to make us a favorable offer.” Two days later, the county increased the offer to $255,000. Kairos reduced its demand to $2 million. On June 9, 2025, the county proposed $430,000, framing it as a practical constraint: “As a small county and limited resources, we are doing our best to navigate this within what is financially feasible for us.”
Then the number that sets off alarm bells for defenders: the parties allegedly settled on $1 million. But the deliverables the county requested in return were exactly where the verification problem appears. The county asked Kairos to confirm, for $1,000,000, that it would provide “proof of deletion,” a “complete list of all files taken,” and an explanation of “how you got in.” Kairos claimed it gained initial access by bruteforcing its way into the network and shared an RAR file it said provided “proof of deletion of all downloaded files,” along with the promise that it would not share the data or attack again.
Krishnan’s assessment underlines the core issue. The transcript does not show a technical mechanism by which deletion could be independently verified, and that limitation matters in ransom-payment scenarios. In other words, even if a victim receives an artifact labeled “proof,” there is no clear, independently checkable method presented in the conversation that proves the attackers truly deleted what they claimed to have stolen. That gap is not just academic. If the deletion claim fails or the attackers keep a copy anyway, the stolen data can still return to the ecosystem, potentially for resale on dark web forums, and potentially prompt renewed extortion from the same crew or another.
Why is this happening at all, given regulators and law enforcement urging caution? The source ties the case to the broader policy landscape. The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) urge victims not to pay extortion demands, and the article notes the rationale from the FBI: “Paying a ransom doesn’t guarantee you or your organization will get any data back.” It also “encourages perpetrators to target more victims and offers an incentive for others to get involved.” There is no outright ransom-payment ban at the US federal government level, but the source adds that two states, North Carolina and Florida, explicitly prohibit public agencies from paying extortion demands. Other jurisdictions have proposed similar legislation.
This case is also notable because it is not clearly a classic ransomware event. The attackers reportedly did not claim to encrypt data or provide a decryptor in exchange for payment. Security researchers have not obtained, or linked to Kairos, any ransomware sample, encryptor, or locker binary. The extortion narrative instead centers on stolen data. Based on the transcript and Kairos’ data-leak site, the criminals claimed to have stolen more than 2 TB of data, totaling about 1.6 million files. One of the alleged stolen documents, “Media Release - Motorcycle Crash Claims the Life of Dublin Resident 9-10-2020.pdf,” suggests a city of Dublin within the county’s boundaries. For context, the city of Dublin, Ohio spans four counties: Union, Franklin, Delaware, and Madison.
The Register reached out to county officials and law enforcement to ask whether Union County was the entity described in the Ransom-ISAC report. Union County, Ohio disclosed a May 2025 ransomware attack last fall, involving unauthorized access and acquisition of protected personal information held by the county, with access spanning May 6, 2025 through May 18, 2025. That notice lists data categories including names, Social Security numbers, driver’s license and state ID numbers, financial account information, dates of birth, fingerprint information, medical information, payment card information, and passport numbers. However, the disclosure does not say anything about paying a $1 million ransom, nor does it name the attacker. The FBI declined to comment, and the article says it will update if it receives responses.
For executives and boards, the operational lesson is blunt: in data-extortion scenarios, “settlement” can mean paying for a story, not for independently verifiable facts. That reality should sharpen incident response governance before you ever need it. When small organizations negotiate from limited resources, the temptation is to treat payment as the shortest path to reduced risk. But if deletion cannot be verified, the risk does not end. And the broader incentive effects remain, even when a payment is framed as the lesser evil. The strategic stakes for every public agency and vendor are clear: if outcomes cannot be proven, your control strategy must be built around minimizing exposure, improving recovery, and reducing the probability that the next incident comes with a bigger wallet attached.
This story's Key Insights and Take-aways are locked.
Create a free account to unlock Executive Actions for one credit.
Register to UnlockAlways free for Executives Club members. Join the Club
More in Business

China lands a reusable Long March booster, a first that matches SpaceX and Blue Origin
A barge landing and net-based recovery move China from theory to proof, reshaping the reusability race and satellite ambitions.
AstraZeneca $27B wipeout as Wainua late trial misses cardiovascular target
A failed late-stage heart study triggered a swift market punishment, forcing investors and boards to reset timelines and risk.

Comcast shares jump 25% as it plans to split NBCUniversal and Sky
The tax-free spin-off could reshape focus, funding, and competition across media and tech for years.

