A new breed of cyber extortionists is exploiting single sign-on systems to loot corporate cloud vaults, leaving a trail of stolen data and shaken businesses.