It’s interesting to think about the position that Caesar’s is in, with regard to trust. How do you determine that you can trust the hackers enough to pay them, that they won’t release the data anyway? Like… do the hackers have prior exploits they can point to saying “Hey, we took company X’s data, they paid up, and we didn’t release their info, so you can trust us?”
I mean, there’s also the thought that if they don’t pay up, it will definitely be released, so it comes down to something of a risk analysis.