A posted extortion claim is not proof of a breach, but it is a clear reminder that public-facing business systems can become the first point of pressure in ransomware operations.