TheDarkOverlord is threatening to release more files stolen from California investment bank WestPark Capital. John Adkisson/Reuters

A hacking group is threatening to release more data from the California investment bank WestPark Capital unless it receives a ransom.

A group calling itself TheDarkOverlord released about 20 files online during the weekend that included background checks on five individuals, listing their Social Security numbers. The release also included private stock offering details related to Facebook and other companies, including nondisclosure agreements, internal presentations, reports and contracts.

WestPark, based in Los Angeles, has had no comment on the issue. The firm helps small companies with acquisitions and fundraising.

The theft of files is seen as unusual in an era where ransomware is downloaded and a company’s or individual’s files are locked up until a ransom is paid.

The Dark Overlord, named after a comic book villain, posted on Pastebin during the weekend it was releasing the files because “CEO Richard Rappaport spat in our face after making our signature and quite frankly, handsome business proposal and so our hand has been forced.”

“We made a handsome proposal to Mr. Rappaport that would involve us withholding this news,” TheDarkOverlord said in an online chat with Motherboard. “However, Mr. Rappaport chose to not cooperate with us in what could have been a very clean and quiet business opportunity for himself.

“We are open and available for further communications with Mr. Rappaport if he chooses to mitigate what may be to come.”

Fidelis Cybersecurity threat systems manager John Bambenek estimated the ransom demand be more than $1 million, the Los Angeles Times reported.

TheDarkOverlord stole files from multiple healthcare dabases earlier this year and listed the records on the dark web for 750 bitcoin (about $481 million).

Cybersecurity consultant Jamie Moles of Lastline said WestPark’s network perimeter security was likely the weak point. He said it’s likely WestPark failed to limit the number of IP addresses allowed to access the network remotely, FTSE Global Markets reported.

News of the hack follows word last week of a breach at Yahoo that could affect 500 million users, the largest hack in U.S. history.