Doxware

Also known as: Leakware, Extortionware

Definition

Malware that threatens to publish stolen sensitive data unless a ransom is paid, combining extortion with data-leak blackmail.

Doxware, also called leakware or extortionware, is malware focused on data exfiltration rather than just encryption. After compromising a victim, the attacker steals confidential files (emails, customer records, intellectual property, regulated data) and threatens to publish or sell them on a leak site unless the victim pays. It often accompanies modern ransomware as the "double-extortion" stage but can also operate without any encryption. Defences include strict data loss prevention, network segmentation to limit attacker movement, monitoring for unusual outbound transfers, encrypting sensitive data at rest, robust identity and MFA controls, and incident-response playbooks that include legal and crisis-communications coordination.

Examples

  • A ransomware affiliate publishing pieces of stolen data on a darknet leak site until the victim pays.
  • Threat actors emailing customers of a breached company to pressure them into paying.
