They spoke too soon
"Microsoft Security Intelligence @MsftSecIntel
We have detected and are now blocking a new family of ransomware being used after an initial compromise of unpatched on-premises Exchange Servers. Microsoft protects against this threat known as Ransom:Win32/DoejoCrypt.A, and also as DearCry.
11:53 PM · Mar 11, 2021·Twitter Web App"