"[Y]ou can also read about us on the internet, we are the oldest Ransomware group, we have the biggest reputation for trust, and we always keep our word!"
Oh well, that's ok then. Pleasure doing business with you!
Clearly these villains have grasped the importance of a trustworthy image. Still, I think I'd be just a teensy bit sceptical all the same. Just because they haven't yet published data after payment doesn't mean they never will. It would make sense for them to retain copies, just in case anyone tried to get clever and set the cops on them; maybe some kind of automatic publication in the event that they don't check in with a server every few weeks, say.
It won't help his case any, of course, but he's looking at 20+ years anyway. Might help to pass the time a bit, and as one of their victims I would be very concerned that they might do just that.