Offenders, for decades, have committed different forms of cybercrime in order to extort ransom from organisations and individuals. However, over the past decade more complex forms of ransomware and related offences have emerged. These entail the encryption of computer data or systems, thus locking out users, followed by requests for ransom against the (promise of) access to be restored. Offenders may also threaten to release sensitive or personal information, in an attempt to more effectively extract payments from victims.