It's an interesting idea, although I think in the heat of the moment, the last thing your org should be thinking of will be playing games with one of the most prolific hacker groups on the planet.

You'll probably get your data leaked anyways, potentially get compromised again (see Instructure situation) and end up in a way worse place if you just shut up and paid it, or let it leak normally.