Complete Story


Ransom disclosure law would give firms 48 hours to disclose ransomware payments

The State of Security

Organizations who find their networks hit by a ransomware attack may soon have to disclose within 48 hours any payments to their extortionists.

That’s the intention of the Ransom Disclosure Act, a new bill proposed by US Senator Elizabeth Warren and Representative Deborah Ross.

Ransomware victims are not currently required to report attacks or ransom payments to federal authorities, but the new bill would require all ransomware victims (excluding individuals) to disclose the following information within 48 hours of a ransom payment:

  • The date on which the ransom was demanded.
  • The date on which the ransom was paid.
  • The amount of ransom demanded.
  • The amount of ransom paid.
  • The currency used to make the payment (including type of cryptocurrency, if cryptocurrency was used).
  • Whether the organisation that paid the ransom receives Federal funds.
  • Any known information regarding the identity of the extortionist.


Printer-Friendly Version



The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.

more information


Your electronic library to help in fighting financial fraud for all of our partners.

more information