A case study published for Ransom-ISAC by researcher Rakesh Krishnan says a U.S. government entity pays around $1 million to stop stolen files from being published. The report is based on a leaked negotiation chat and the blockchain record associated with the payment. In the communications and payment trail, the group that receives the money describes itself as “Kairos.” However, the case study notes that Kairos may not fit a conventional ransomware profile. Krishnan’s analysis reportedly finds no evidence that the group locked a single file, which would typically be central to ransomware operations. The sources describe the situation as an extortion-type negotiation where the payment is tied to preventing data exposure rather than to encrypting systems. While the case study draws conclusions from the available chat logs and transaction information, it does not provide additional, publicly confirmed details about the specific government unit involved or the full scope of the underlying theft beyond the claim that files were at risk of being leaked. The reporting focuses on what the leaked materials and blockchain evidence indicate about how the payment and negotiations occurred.