Paying a ransom will not cure your data breach