Hackers steal customer information and then demand money in return for not disclosing the compromise. How common is this scenario? A recent study shows that 17 of 100 companies surveyed have been so threatened, and many of those threats came from insiders. Almost a quarter of respondents said they would contact their legal department if so threatened, yet 59 percent were unsure whether their legal counsels were qualified to give advice (another 12 percent said they definitely were not). @ The Carnegie Mellon study, Enumerating and Reducing the Threat of Transnational Cyber Extortion against Small and Medium Size Organizations .