One size does not fit all — sometimes, victims probably should pay ransom

This opinion piece discusses a ShinyHunters extortion/data-leak incident involving Instructure/Canvas, noting that the threat actor's leak-site listing was removed (likely indicating payment or negotiations). The author argues that blanket policies forbidding payment can be harmful for some victims and urges incident-specific cost–benefit analysis rather than rigid, one-size-fits-all advice.